Lucene search

PRIOn knowledge basePRION:CVE-2007-1659

HistoryNov 07, 2007 - 11:46 p.m.

Code injection

2007-11-0723:46:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.039 Low

EPSS

Percentile

91.7%

JSON

Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched “\Q\E” sequences with orphan “\E” codes.

CPENameOperatorVersion
pcrele7.3

CPE	Name	Operator	Version
	pcre	le	7.3

References

bugs.gentoo.org/show_bug.cgi?id=198976

docs.info.apple.com/article.html?artnum=307179

docs.info.apple.com/article.html?artnum=307562

lists.apple.com/archives/security-announce/2007/Dec/msg00002.html

lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html

mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html

secunia.com/advisories/27538

secunia.com/advisories/27543

secunia.com/advisories/27547

secunia.com/advisories/27554

secunia.com/advisories/27598

secunia.com/advisories/27697

secunia.com/advisories/27741

secunia.com/advisories/27773

secunia.com/advisories/27965

secunia.com/advisories/28041

secunia.com/advisories/28136

secunia.com/advisories/28406

secunia.com/advisories/28414

secunia.com/advisories/28658

secunia.com/advisories/28714

secunia.com/advisories/28720

secunia.com/advisories/29267

secunia.com/advisories/29420

secunia.com/advisories/30106

secunia.com/advisories/30155

secunia.com/advisories/30219

security.gentoo.org/glsa/glsa-200711-30.xml

security.gentoo.org/glsa/glsa-200801-02.xml

security.gentoo.org/glsa/glsa-200801-18.xml

security.gentoo.org/glsa/glsa-200801-19.xml

security.gentoo.org/glsa/glsa-200805-11.xml

securitytracker.com/id?1018895

support.avaya.com/elmodocs2/security/ASA-2007-505.htm

www.debian.org/security/2007/dsa-1399

www.debian.org/security/2008/dsa-1570

www.mandriva.com/security/advisories?name=MDKSA-2007:211

www.mandriva.com/security/advisories?name=MDKSA-2007:212

www.mandriva.com/security/advisories?name=MDVSA-2008:030

www.novell.com/linux/security/advisories/2007_25_sr.html

www.novell.com/linux/security/advisories/2007_62_pcre.html

www.pcre.org/changelog.txt

www.redhat.com/support/errata/RHSA-2007-0967.html

www.redhat.com/support/errata/RHSA-2007-1068.html

www.securityfocus.com/archive/1/483357/100/0/threaded

www.securityfocus.com/archive/1/483579/100/0/threaded

www.securityfocus.com/bid/26346

www.us-cert.gov/cas/techalerts/TA07-352A.html

www.vupen.com/english/advisories/2007/3725

www.vupen.com/english/advisories/2007/3790

www.vupen.com/english/advisories/2007/4238

www.vupen.com/english/advisories/2008/0924/references

exchange.xforce.ibmcloud.com/vulnerabilities/38272

issues.rpath.com/browse/RPL-1738

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9725

usn.ubuntu.com/547-1/

www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html

7.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.039 Low

EPSS

Percentile

91.7%

JSON

Related for PRION:CVE-2007-1659