Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-1283

Опубликовано: 03 янв. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

Описание

The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'){97)?J)?J)(?'R'(?'R'){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

code not present
cosmic

not-affected

code not present
devel

not-affected

code not present
esm-apps/bionic

not-affected

code not present
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

2:8.38-3.1
bionic

not-affected

2:8.38-3.1
cosmic

not-affected

2:8.38-3.1
devel

not-affected

2:8.38-3.1
esm-infra-legacy/trusty

not-affected

1:8.31-2ubuntu2.1
esm-infra/bionic

not-affected

2:8.38-3.1
esm-infra/xenial

not-affected

2:8.38-3.1
precise

not-affected

precise/esm

not-affected

trusty

not-affected

1:8.31-2ubuntu2.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 89%
0.04434
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-1283

redhat
почти 10 лет назад

The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

nvd логотип

CVE-2016-1283

CVSS3: 9.8
nvd
почти 10 лет назад

The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

debian логотип

CVE-2016-1283

CVSS3: 9.8
debian
почти 10 лет назад

The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles t ...

github логотип

GHSA-3v53-2g4c-6vpg

CVSS3: 9.8
github
больше 3 лет назад

The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

suse-cvrf логотип

openSUSE-SU-2016:3099-1

suse-cvrf
почти 9 лет назад

Security update for pcre

EPSS

Процентиль: 89%
0.04434
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3