CVE-2007-2026 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-2026
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2026

Description: The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported for AMaViS.

CVE Status: Candidate

References: SAID Secunia Advisory: SA24918 Secunia Advisory: SA25394 Secunia Advisory: SA25544 Secunia Advisory: SA25578 MISC http://sourceforge.net/mailarchive/forum.php?thread_name=755AF709E5B77E6EA58479D5%40foxx.lsit.ucsb.edu&forum_name=amavis-user MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:114 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200704-13.xml CONFIRM http://www.amavis.org/security/asa-2007-3.txt BID 24146

Return to the previous page.