Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-9769

Опубликовано: 23 мар. 2016
Источник: redhat
CVSS2: 4.3

Описание

pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Directory Server 8pcreNot affected
Red Hat Enterprise Linux 5pcreNot affected
Red Hat Enterprise Linux 6glib2Not affected
Red Hat Enterprise Linux 6pcreNot affected
Red Hat Enterprise Linux 7glib2Not affected
Red Hat Enterprise Linux 7pcreNot affected
Red Hat Enterprise Linux 7virtuoso-opensourceNot affected
Red Hat JBoss Enterprise Web Server 1httpdNot affected
Red Hat JBoss Enterprise Web Server 2httpdNot affected
Red Hat JBoss Enterprise Web Server 3pcreNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1320995pcre: incorrect nested table jumps when JIT is used (8.36/6)

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-9769

CVSS3: 7.3
ubuntu
почти 10 лет назад

pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset.

nvd логотип

CVE-2014-9769

CVSS3: 7.3
nvd
почти 10 лет назад

pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset.

debian логотип

CVE-2014-9769

CVSS3: 7.3
debian
почти 10 лет назад

pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to o ...

github логотип

GHSA-v59w-72qc-xg55

CVSS3: 7.3
github
больше 3 лет назад

pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset.

4.3 Medium

CVSS2