Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-8380

Опубликовано: 01 июн. 2015
Источник: redhat
CVSS2: 5

Описание

The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Directory Server 8pcreNot affected
Red Hat Enterprise Linux 5pcreNot affected
Red Hat Enterprise Linux 6glib2Not affected
Red Hat Enterprise Linux 6pcreNot affected
Red Hat Enterprise Linux 7glib2Not affected
Red Hat Enterprise Linux 7pcreWill not fix
Red Hat Enterprise Linux 7virtuoso-opensourceNot affected
Red Hat JBoss Enterprise Web Server 1httpdNot affected
Red Hat JBoss Enterprise Web Server 2httpdNot affected
Red Hat JBoss Enterprise Web Server 3pcreWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

https://bugzilla.redhat.com/show_bug.cgi?id=1285413pcre: OOB write when pcre_exec() is called with ovecsize of 1 (8.38/10)

5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-8380

ubuntu
около 10 лет назад

The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

nvd логотип

CVE-2015-8380

nvd
около 10 лет назад

The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

debian логотип

CVE-2015-8380

debian
около 10 лет назад

The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a ...

github логотип

GHSA-67r8-54m7-f6x4

github
больше 3 лет назад

The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

suse-cvrf логотип

openSUSE-SU-2016:3099-1

suse-cvrf
около 9 лет назад

Security update for pcre

5 Medium

CVSS2