2 matches found
PCRE字符类缓冲区溢出漏洞
BUGTRAQ ID: 27786 CVECAN ID: CVE-2008-0674 PCRE(Perl兼容正则表达式)库是个开放源代码的软件,可提供正则表达式支持。 PCRE在处理字符类时存在缓冲区溢出漏洞,如果用户发送了codepoint大于255的超长UTF-8字符类的话,就可能触发这个溢出,导致执行任意指令。 PCRE 7.6 Debian ------ Debian已经为此发布了一个安全公告(DSA-1499-1)以及相应补丁: DSA-1499-1:New pcre3 packages fix arbitrary code execution...
Debian DSA-1499-1 : pcre3 - buffer overflow
It was discovered that specially crafted regular expressions involving codepoints greater than 255 could cause a buffer overflow in the PCRE library CVE-2008-0674 . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debi...