6683 matches found
CVE-2007-1659
Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes...
CVE-2007-4768
CVE-2007-4768 describes a heap-based buffer overflow in the PCRE library (before 7.3) that can be triggered by a singleton Unicode sequence in a character class in a regex pattern, enabling context-dependent attackers to execute arbitrary code. Connected advisories (e.g., RHSA-2007-1126, Ubuntu U...
CVE-2007-1661
CVE-2007-1661 affects the Perl-Compatible Regular Expression (PCRE) library prior to 7.3, where backtracking can occur when matching certain input bytes against some patterns in non‑UTF‑8 mode, potentially exposing sensitive information or causing a denial of service (crash). The description expl...
RHEL 3 / 4 / 5 : perl (RHSA-2007:0966)
Updated Perl packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration...
RHEL 4 : pcre (RHSA-2007:0968)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2007:0968 advisory. PCRE is a Perl-compatible regular expression library. Multiple flaws were found in the way pcre handles certain malformed regular expressions. If an...
Mandrake Linux Security Advisory : perl (MDKSA-2007:207)
Tavis Ormandy and Will Drewry discovered a flaw in Perl's regular expression engine. Specially crafted input to a regular expression can cause Perl to improperly allocate memory, resulting in the possible execution of arbitrary code with the permissions of the user running Perl. Updated packages...
pcre security update
CentOS Errata and Security Advisory CESA-2007:0968 Updated pcre packages that correct two security flaws are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular...
perl security update
CentOS Errata and Security Advisory CESA-2007:0966 Updated Perl packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming...
perl regular expression UTF parsing errors
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine regcomp.c in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode UTF characters in a regular expression...
Important: Red Hat Security Advisory: perl security update
Updated Perl packages that fix security issues for Red Hat Application Stack v1.2 are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration utilities an...
Important: Red Hat Security Advisory: perl security update
Updated Perl packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration...
Critical: Red Hat Security Advisory: pcre security update
Updated pcre packages that correct two security flaws are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Multiple flaws were found in the way...
pcre regular expression flaws
Perl-Compatible Regular Expression PCRE library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code...
Critical: Red Hat Security Advisory: pcre security update
Updated pcre packages that correct two security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Multiple flaws were found in the way...
Important: perl security update
5.8.5-36.el45.2.0.1 - Added patch perl-5.8.5-OEL-mock-build.patch to disable test lib/Net/t/hostname.t, so that mock build succeeds 5.8.5-36.el4.2 - Resolves: bug323791 - fix previous patch 5.8.5-36.el4.1 - Resolves: bug323791 - fix regular expression UTF parsing errors...
perl -- regular expressions unicode data buffer overflow
Red Hat reports: A flaw was found in Perl's regular expression engine. Specially crafted input to a regular expression can cause Perl to improperly allocate memory, possibly resulting in arbitrary code running with the permissions of the user running Perl...
Directory traversal
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...
CVE-2007-2836
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...
CVE-2007-2836
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...
mod_perl PerlRun denial of service
PerlRun.pm in Apache modperl before 1.30, and RegistryCooker.pm in modperl 2.x, does not properly escape PATHINFO before use in a regular expression, which allows remote attackers to cause a denial of service resource consumption via a crafted URI...