6610 matches found
PCRE library buffer overflow
Buffer overflow on regular expresssion compilation...
PCRE compile workspace overflow
In versions of the PCRE regular expression library before 8.02, compiling a very large regular expression will overflow the workspace buffer. Although the code checks for the size of the compiled regular expression, the check only returns true after the end of the buffer has been overrun. The bug...
PCRE Library 8.02 Overflow
In versions of the PCRE regular expression library before 8.02, compiling a very large regular expression will overflow the workspace buffer. Although the code checks for the size of the compiled regular expression, the check only returns true after the end of the buffer has been overrun. The bug...
Integer overflow
Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service stack consumption and application crash by matching a crafted regular expression against a long string...
CVE-2010-1158
Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service stack consumption and application crash by matching a crafted regular expression against a long string...
CVE-2010-1158
Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service stack consumption and application crash by matching a crafted regular expression against a long string...
CVE-2010-1158
Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service stack consumption and application crash by matching a crafted regular expression against a long string...
CVE-2010-0132
Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...
CVE-2010-0132
Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...
Cross site scripting
Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...
CVE-2010-0132
Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...
CVE-2010-0132
Removed by vendor...
Secunia Research: ViewVC Regular Expression Search Cross-Site Scripting
====================================================================== Secunia Research 30/03/2010 - ViewVC Regular Expression Search Cross-Site Scripting - ====================================================================== Table of Contents Affected...
OpenCart 1.3.2 SQL Injection
Andrés Gómez Exploit Title : OpenCart 1.3.2 SQL Injection Date : 07/03/2010 Author : Andrés Gómez Software Link : http://www.coompras.com/opencart/opencart.htm Contact : gomezandres4tadinetdotcom.uy Dork : No DoRk An attacker may execute arbitrary SQL statements on the vulnerable system. This may...
Debian DSA-1874-1 : nss - several vulnerabilities
Several vulnerabilities have been discovered in the Network Security Service libraries. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2404 Moxie Marlinspike discovered that a buffer overflow in the regular expression parser could lead to the...
CentOS 5 : pcre (CESA-2007:0967)
Updated pcre packages that correct two security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Multiple flaws were found in the way...
Code injection
Perl 5.10.1 allows context-dependent attackers to cause a denial of service application crash via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match...
CVE-2009-3626
Perl 5.10.1 allows context-dependent attackers to cause a denial of service application crash via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match...
CVE-2009-3372
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration PAC file...
CVE-2009-3626
Perl 5.10.1 allows context-dependent attackers to cause a denial of service application crash via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match...