Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-8382

Опубликовано: 02 дек. 2015
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 6.4

Описание

The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547.

РелизСтатусПримечание
devel

not-affected

esm-apps/xenial

not-affected

esm-infra-legacy/trusty

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

vivid

DNE

vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
devel

not-affected

2:8.38-3
esm-infra-legacy/trusty

released

1:8.31-2ubuntu2.2
esm-infra/xenial

not-affected

2:8.38-3
precise

released

8.12-4ubuntu0.2
precise/esm

not-affected

8.12-4ubuntu0.2
trusty

released

1:8.31-2ubuntu2.2
trusty/esm

released

1:8.31-2ubuntu2.2
upstream

released

2:8.35-7.2
vivid

ignored

end of life
vivid/stable-phone-overlay

ignored

end of life, was pending

Показывать по

Ссылки на источники

EPSS

Процентиль: 82%
0.01772
Низкий

6.4 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2015-8382

redhat
около 11 лет назад

The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547.

nvd логотип

CVE-2015-8382

nvd
около 10 лет назад

The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547.

debian логотип

CVE-2015-8382

debian
около 10 лет назад

The match function in pcre_exec.c in PCRE before 8.37 mishandles the / ...

github логотип

GHSA-h7q3-3hf3-hv3q

github
больше 3 лет назад

The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547.

suse-cvrf логотип

openSUSE-SU-2016:3099-1

suse-cvrf
около 9 лет назад

Security update for pcre

EPSS

Процентиль: 82%
0.01772
Низкий

6.4 Medium

CVSS2