pcre3: arbitrary code execution [LWN.net]

Package(s):

pcre3

CVE #(s):

CAN-2005-2491

Created:

August 23, 2005

Updated:

March 10, 2006

Description:

A buffer overflow has been discovered in the PCRE, a widely used library that provides Perl compatible regular expressions. Specially crafted regular expressions triggered a buffer overflow. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the application using the library.

Alerts:

Red Hat	RHSA-2006:0197-01	2006-03-09
Fedora-Legacy	FLSA:168516	2006-03-07
Debian	DSA-821-1	2005-09-28
Debian	DSA-819-1	2005-09-23
Debian	DSA-817-1	2005-09-22
Gentoo	200509-08	2005-09-12
Red Hat	RHSA-2005:358-01	2005-09-08
Red Hat	RHSA-2005:761-02	2005-09-08
Trustix	TSLSA-2005-0045	2005-08-26
OpenPKG	OpenPKG-SA-2005.018	2005-09-05
SuSE	SUSE-SA:2005:051	2005-09-05
Gentoo	200509-02	2005-09-03
Debian	DSA-800-1	2005-09-02
Ubuntu	USN-173-4	2005-08-31
Slackware	SSA:2005-242-01	2005-08-31
SuSE	SUSE-SA:2005:049	2005-08-30
SuSE	SUSE-SA:2005:048	2005-08-30
Ubuntu	USN-173-3	2005-08-30
Mandriva	MDKSA-2005:155	2005-08-29
Mandriva	MDKSA-2005:154	2005-08-26
Mandriva	MDKSA-2005:153	2005-08-26
Mandriva	MDKSA-2005:151	2005-08-25
Mandriva	MDKSA-2005:152	2005-08-25
Gentoo	200508-17	2005-08-25
Ubuntu	USN-173-2	2005-08-24
Fedora	FEDORA-2005-803	2005-08-24
Fedora	FEDORA-2005-802	2005-08-24
Ubuntu	USN-173-1	2005-08-23

(Log in to post comments)