9259 matches found
DEBIAN-CVE-2006-7226
Perl-Compatible Regular Expression PCRE library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of...
I and expression of the day and is Day-vulnerability warning-the black bar safety net
When you first use the expression the way toxss, you definitely dumbfounded, and kept the bomb box, can't close the browser, eventually you can only sacrifice the task Manager the process ends. Maybe your Other TAB pages are filled to the half has not yet submitted the form, you will be expressio...
RHEL 4 : pcre (RHSA-2007:1068)
Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way...
RHEL 3 : pcre (RHSA-2007:1063)
Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way...
pcre miscalculation of memory requirements for malformed Posix character class
Perl-Compatible Regular Expression PCRE library before 6.7 allows context-dependent attackers to cause a denial of service error or crash via a regular expression that involves a "malformed POSIX character class", as demonstrated via an invalid character after a sequence...
Important: Red Hat Security Advisory: pcre security update
Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : pcre3 vulnerabilities (USN-547-1)
Tavis Ormandy and Will Drewry discovered multiple flaws in the regular expression handling of PCRE. By tricking a user or service into running specially crafted expressions via applications linked against libpcre3, a remote attacker could crash the application, monopolize CPU resources, or possib...
USN-547-1: PCRE vulnerabilities
Tavis Ormandy and Will Drewry discovered multiple flaws in the regular expression handling of PCRE. By tricking a user or service into running specially crafted expressions via applications linked against libpcre3, a remote attacker could crash the application, monopolize CPU resources, or possib...
GLSA-200711-28 : Perl: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200711-28 Perl: Buffer overflow Tavis Ormandy and Will Drewry Google Security Team discovered a heap-based buffer overflow in the Regular Expression engine regcomp.c that occurs when switching from byte to Unicode UTF-8 characters...
Perl: Buffer overflow
Background Perl is a stable, cross-platform programming language created by Larry Wall. Description Tavis Ormandy and Will Drewry Google Security Team discovered a heap-based buffer overflow in the Regular Expression engine regcomp.c that occurs when switching from byte to Unicode UTF-8 character...
CVE-2006-7230
CVE-2006-7230 concerns the PCRE library prior to 7.0, where memory sizing for a compiled regular expression can be miscalculated when the -x or -i UTF-8 options change within the pattern. This can allow a context-dependent attacker to cause a denial of service (PCRE or glibc crash). Affected prod...
CVE-2006-7227
Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns namecount or long subpattern names maxnamesize, which triggers a buffer overflow. NOT...
CVE-2006-7227
Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns namecount or long subpattern names maxnamesize, which triggers a buffer overflow. NOT...
CVE-2006-7227
Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns namecount or long subpattern names maxnamesize, which triggers a buffer overflow. NOT...
CVE-2006-7228
CVE-2006-7228 describes an integer overflow in the PCRE library before 6.7 that can be triggered by certain large min, max, or duplength values in a regex, leading to a context-dependent arbitrary code execution vulnerability. Public sources in the connected documents show this issue together wit...
CVE-2006-7227
Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns namecount or long subpattern names maxnamesize, which triggers a buffer overflow. NOT...
Fedora 8 : perl-5.8.8-31.fc8 (2007-3218)
Resolves: CVE-2007-5116: perl regular expression UTF parsing errors Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
RHEL 4 / 5 : pcre (RHSA-2007:1052)
Updated pcre packages that correct security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 15 November 2007 Further analysis of these flaws in PCRE has led to the single C...
Perl Unicode规则表达式缓冲区溢出漏洞
Perl是一款功能强大的编程语言。 Perl的规则表达式引擎存在一个缺陷,远程攻击者可以利用漏洞以Perl进程权限执行任意指令。 在处理Unicode规则表达式时存在一个缓冲区溢出,攻击者构建特殊的输入到规则表达式,可导致Perl不正确分配内存,导致以运行Perl进程的用户进程权限执行任意指令。 RedHat Enterprise Linux Desktop v.5 client RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux v. 5 server RedHat...
Mandrake Linux Security Advisory : pcre (MDKSA-2007:212)
Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it could lead to the execution of arbitrary code as the us...