[SECURITY] Fedora 23 Update: pcre-8.37-4.fc23
Perl-compatible regular expression library. PCRE has its own native API, but a set of "wrapper" functions that are based on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow...
FreeBSD : pcre -- heap overflow vulnerability (6900e6f1-4a79-11e5-9ad8-14dae9d210b8)
Guanxing Wen reports : PCRE library is prone to a vulnerability which leads to Heap Overflow. During the compilation of a malformed regular expression, more data is written on the malloced block than the expected size output by compileregex. The Heap Overflow vulnerability is caused by the...
pcre -- heap overflow vulnerability
Guanxing Wen reports: PCRE library is prone to a vulnerability which leads to Heap Overflow. During the compilation of a malformed regular expression, more data is written on the malloced block than the expected size output by compileregex. The Heap Overflow vulnerability is caused by the followi...
CVE-2015-3798
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and...
Memory corruption
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and...
Memory corruption
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and...
DEBIAN-CVE-2013-7422
Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regula...
CVE-2013-7422
Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regula...
CVE-2015-3797
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and...
CVE-2015-3796
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and...
CVE-2015-3798
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and...
[SECURITY] Fedora 22 Update: pcre-8.37-3.fc22
Perl-compatible regular expression library. PCRE has its own native API, but a set of "wrapper" functions that are based on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow...
Tomcat/JbossWeb: security manager bypass via EL expressions
It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections...
FreeBSD : pcre -- heap overflow vulnerability in '(?|' situations (ff0acfb4-3efa-11e5-93ad-002590263bf5)
Venustech ADLAB reports : PCRE library is prone to a vulnerability which leads to Heap Overflow. During the compilation of a malformed regular expression, more data is written on the malloced block than the expected size output by compileregex. Exploits with advanced Heap Fengshui techniques may...
Discuz! X-Series remote code execution vulnerability analysis-vulnerability warning-the black bar safety net
0x01 Vulnerability root causes: The root of the problem is the updatebadwords method in the api/uc.php file; the code is as follows: function updatebadwords$get, $post global $G; if! APIUPDATEBADWORDS return APIRETURNFORBIDDEN; $data = array; ifisarray$post foreach$post as $k = $v...
pcre -- heap overflow vulnerability in '(?|' situations
Venustech ADLAB reports: PCRE library is prone to a vulnerability which leads to Heap Overflow. During the compilation of a malformed regular expression, more data is written on the malloced block than the expected size output by compileregex. Exploits with advanced Heap Fengshui techniques may...
Scientific Linux Security Update : grep on SL6.x i386/x86_64 (20150722)
An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code with the privilege...
[USN-2694-1] PCRE vulnerabilities
Ubuntu Security Notice USN-2694-1, July 29, 2015: pcre3 vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: - Ubun...