Lucene search

[email protected]CVE-2007-4766

HistoryNov 07, 2007 - 11:46 p.m.

CVE-2007-4766

2007-11-0723:46:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2007-4766

pcre library

integer overflows

denial of service

execute arbitrary code

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.7%

JSON

Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via unspecified escape (backslash) sequences.

CPENameOperatorVersion
pcre:pcrepcrele7.3

CPE	Name	Operator	Version
pcre:pcre	pcre	le	7.3

References

bugs.gentoo.org/show_bug.cgi?id=198976

docs.info.apple.com/article.html?artnum=307179

docs.info.apple.com/article.html?artnum=307562

lists.apple.com/archives/security-announce/2007/Dec/msg00002.html

lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html

secunia.com/advisories/27538

secunia.com/advisories/27543

secunia.com/advisories/27554

secunia.com/advisories/27697

secunia.com/advisories/27741

secunia.com/advisories/27773

secunia.com/advisories/28136

secunia.com/advisories/28406

secunia.com/advisories/28414

secunia.com/advisories/28714

secunia.com/advisories/28720

secunia.com/advisories/29267

secunia.com/advisories/29420

secunia.com/advisories/30106

secunia.com/advisories/30155

secunia.com/advisories/30219

security.gentoo.org/glsa/glsa-200711-30.xml

security.gentoo.org/glsa/glsa-200801-02.xml

security.gentoo.org/glsa/glsa-200801-18.xml

security.gentoo.org/glsa/glsa-200801-19.xml

security.gentoo.org/glsa/glsa-200805-11.xml

www.debian.org/security/2007/dsa-1399

www.debian.org/security/2008/dsa-1570

www.mandriva.com/security/advisories?name=MDKSA-2007:211

www.novell.com/linux/security/advisories/2007_62_pcre.html

www.pcre.org/changelog.txt

www.securityfocus.com/archive/1/483357/100/0/threaded

www.securityfocus.com/archive/1/483579/100/0/threaded

www.securityfocus.com/bid/26346

www.us-cert.gov/cas/techalerts/TA07-352A.html

www.vupen.com/english/advisories/2007/3725

www.vupen.com/english/advisories/2007/3790

www.vupen.com/english/advisories/2007/4238

www.vupen.com/english/advisories/2008/0924/references

exchange.xforce.ibmcloud.com/vulnerabilities/38276

issues.rpath.com/browse/RPL-1738

usn.ubuntu.com/547-1/

www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.7%

JSON

Related for CVE-2007-4766

prion1 debiancve1 ubuntucve1 nessus11 openvas25 osv1 securityvulns2 freebsd1 ubuntu1 fedora1 debian2 suse1 gentoo1