Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-8384

Опубликовано: 23 нояб. 2015
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8392 and CVE-2015-8395.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Directory Server 8pcreNot affected
Red Hat Enterprise Linux 5pcreNot affected
Red Hat Enterprise Linux 6glib2Not affected
Red Hat Enterprise Linux 6pcreNot affected
Red Hat Enterprise Linux 7glib2Not affected
Red Hat Enterprise Linux 7pcreNot affected
Red Hat Enterprise Linux 7virtuoso-opensourceNot affected
Red Hat JBoss Enterprise Web Server 1httpdNot affected
Red Hat JBoss Enterprise Web Server 2httpdNot affected
Red Hat JBoss Enterprise Web Server 3pcreNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1287623pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)

EPSS

Процентиль: 78%
0.01192
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-8384

ubuntu
около 10 лет назад

PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8392 and CVE-2015-8395.

nvd логотип

CVE-2015-8384

nvd
около 10 лет назад

PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8392 and CVE-2015-8395.

debian логотип

CVE-2015-8384

debian
около 10 лет назад

PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and re ...

github логотип

GHSA-52qf-gwh3-p975

github
больше 3 лет назад

PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8392 and CVE-2015-8395.

suse-cvrf логотип

openSUSE-SU-2016:3099-1

suse-cvrf
около 9 лет назад

Security update for pcre

EPSS

Процентиль: 78%
0.01192
Низкий

6.8 Medium

CVSS2