Описание
Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?Pc)(?Pa(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2:8.38-3 |
| esm-infra-legacy/trusty | not-affected | 1:8.31-2ubuntu2 |
| precise | not-affected | 8.12-4 |
| trusty | not-affected | 1:8.31-2ubuntu2 |
| trusty/esm | not-affected | 1:8.31-2ubuntu2 |
| upstream | needed | |
| utopic | ignored | end of life |
| vivid | released | 2:8.35-3.3ubuntu1.1 |
| vivid/stable-phone-overlay | released | 2:8.35-3.3ubuntu1.1 |
| vivid/ubuntu-core | released | 2:8.35-3.3ubuntu1.1 |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?P<B>c)(?P<B>a(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384.
Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?P<B>c)(?P<B>a(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384.
Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 a ...
Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?P<B>c)(?P<B>a(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384.
7.5 High
CVSS2
9.8 Critical
CVSS3