Lucene search

[email protected]CVE-2006-7227

HistoryNov 14, 2007 - 9:46 p.m.

CVE-2006-7227

2007-11-1421:46:00

CWE-189

[email protected]

web.nvd.nist.gov

nvd

cve-2006-7227

pcre

buffer overflow

arbitrary code execution

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.0%

JSON

Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns (name_count) or long subpattern names (max_name_size), which triggers a buffer overflow. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.

CPENameOperatorVersion
pcre:pcrepcrele6.6

CPE	Name	Operator	Version
pcre:pcre	pcre	le	6.6

References

bugs.gentoo.org/show_bug.cgi?id=198976

lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html

scary.beasts.org/security/CESA-2007-006.html

secunia.com/advisories/27582

secunia.com/advisories/27741

secunia.com/advisories/27773

secunia.com/advisories/27869

secunia.com/advisories/28406

secunia.com/advisories/28414

secunia.com/advisories/28658

secunia.com/advisories/28714

secunia.com/advisories/28720

secunia.com/advisories/30106

secunia.com/advisories/30155

secunia.com/advisories/30219

security.gentoo.org/glsa/glsa-200711-30.xml

security.gentoo.org/glsa/glsa-200801-02.xml

security.gentoo.org/glsa/glsa-200801-18.xml

security.gentoo.org/glsa/glsa-200801-19.xml

security.gentoo.org/glsa/glsa-200805-11.xml

support.avaya.com/elmodocs2/security/ASA-2007-493.htm

www.debian.org/security/2008/dsa-1570

www.mandriva.com/security/advisories?name=MDVSA-2008:030

www.novell.com/linux/security/advisories/2007_62_pcre.html

www.pcre.org/changelog.txt

www.redhat.com/support/errata/RHSA-2007-1052.html

www.securityfocus.com/bid/26462

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10408

Social References

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.0%

JSON

Related for CVE-2006-7227

ubuntucve3 debiancve3 nessus13 openvas19 cve3 oraclelinux1 redhat1 centos1 suse2 gentoo1 debian1