5 matches found
Security Bulletin:Multiple vulnerabilities in PCRE affect IBM Tivoli Network Manager IP Edition.
Summary Multiple vulnerabilities exist in PCRE v5.x, shipped with IBM Tivoli Network Manager IP Edition. Therefore PCRE 8.38 has been upgraded in IBM Tivoli Network Manager IP Edition. Vulnerability Details CVEID: CVE-2015-3210 DESCRIPTION: PCRE is vulnerable to a heap-based buffer overflow. By...
GLSA-201607-02 : libpcre: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201607-02 libpcre: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in libpcre. Please review the CVE identifiers referenced below for details. Impact : An attacker can possibly execute arbitrary code or crea...
FreeBSD : php -- multiple vulnerabilities (85eb4e46-cf16-11e5-840f-485d605f4717)
PHP reports : - Core : - Fixed bug 71039 exec functions ignore length but look for NULL termination. - Fixed bug 71323 Output of streamgetmetadata can be falsified by its input. - Fixed bug 71459 Integer overflow in iptcembed. - PCRE : - Upgraded bundled PCRE library to 8.38.CVE-2015-8383,...
CVE-2015-8389
PCRE before 8.38 mishandles the /?:|a|100x/ pattern and related patterns, which allows remote attackers to cause a denial of service infinite recursion or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konquero...
CVE-2015-8389
CVE-2015-8389 is a PCRE vulnerability where a crafted regular expression such as /(?:|a|){100}x/ can trigger denial of service via infinite recursion. Technical details across connected docs confirm the flaw lies in PCRE before 8.38 and that exploitation affects multiple products; remediation doc...