Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8388

Опубликовано: 02 дек. 2015
Источник: debian
EPSS Низкий

Описание

PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
pcre3fixed2:8.35-7package
pcre3fixed2:8.35-3.3+deb8u1jessiepackage
pcre3no-dsawheezypackage
pcre3no-dsasqueezepackage

Примечания

  • https://bugs.exim.org/show_bug.cgi?id=1651

  • http://vcs.pcre.org/pcre?view=revision&revision=1571

  • Fixed in 8.38

  • Different issue than CVE-2015-5073 but same fixing commit

EPSS

Процентиль: 93%
0.09792
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2015-8388

ubuntu
больше 9 лет назад

PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

redhat логотип

CVE-2015-8388

redhat
около 10 лет назад

PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

nvd логотип

CVE-2015-8388

nvd
больше 9 лет назад

PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

github логотип

GHSA-5776-327r-qhr3

github
около 3 лет назад

PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

oracle-oval логотип

ELSA-2016-1025

oracle-oval
около 9 лет назад

ELSA-2016-1025: pcre security update (IMPORTANT)

EPSS

Процентиль: 93%
0.09792
Низкий