Lucene search

6617 matches found

Cent OS
added 2007/11/05 6:41 p.m. | 70 views

pcre security update

CentOS Errata and Security Advisory CESA-2007:0968 Updated pcre packages that correct two security flaws are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular...

CVSS 6.8 | AI score 5.7 | EPSS 0.04077
Exploits: 0 | References: 8

Cent OS
added 2007/11/05 5:35 p.m. | 63 views

perl security update

CentOS Errata and Security Advisory CESA-2007:0966 Updated Perl packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming...

CVSS 7.5 | AI score 7.4 | EPSS 0.0483
Exploits: 1 | References: 9

RedHat Linux
added 2007/11/05 4:27 p.m. | 0 views

perl regular expression UTF parsing errors

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression...

CVSS 7.5 | AI score 7.8 | EPSS 0.0483
Exploits: 1 | References: 4

RedHat Linux
added 2007/11/05 4:27 p.m. | 27 views

Important: Red Hat Security Advisory: perl security update

Updated Perl packages that fix security issues for Red Hat Application Stack v1.2 are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration utilities an...

CVSS 7.5 | AI score 7.4 | EPSS 0.0483
Exploits: 1 | References: 2

RedHat Linux
added 2007/11/05 4:23 p.m. | 27 views

Important: Red Hat Security Advisory: perl security update

Updated Perl packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration...

CVSS 7.5 | AI score 7.3 | EPSS 0.0483
Exploits: 1 | References: 2

RedHat Linux
added 2007/11/05 4:11 p.m. | 1 views

pcre regular expression flaws

Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code...

CVSS 6.8 | AI score 6.3 | EPSS 0.04077
Exploits: 0 | References: 4

RedHat Linux
added 2007/11/05 4:11 p.m. | 58 views

Critical: Red Hat Security Advisory: pcre security update

Updated pcre packages that correct two security flaws are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Multiple flaws were found in the way...

CVSS 6.8 | AI score 5.7 | EPSS 0.04077
Exploits: 0 | References: 2

RedHat Linux
added 2007/11/05 4:7 p.m. | 42 views

Critical: Red Hat Security Advisory: pcre security update

Updated pcre packages that correct two security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Multiple flaws were found in the way...

CVSS 6.8 | AI score 5.7 | EPSS 0.04077
Exploits: 0 | References: 3

Oracle linux
added 2007/11/05 12:0 a.m. | 51 views

Important: perl security update

5.8.5-36.el45.2.0.1 - Added patch perl-5.8.5-OEL-mock-build.patch to disable test lib/Net/t/hostname.t, so that mock build succeeds
5.8.5-36.el4.2 - Resolves: bug323791 - fix previous patch
5.8.5-36.el4.1 - Resolves: bug323791 - fix regular expression UTF parsing errors...

CVSS 7.5 | AI score 2.3 | EPSS 0.0483
Exploits: 1

FreeBSD
added 2007/11/05 12:0 a.m. | 35 views

perl -- regular expressions unicode data buffer overflow

Red Hat reports: A flaw was found in Perl's regular expression engine. Specially crafted input to a regular expression can cause Perl to improperly allocate memory, possibly resulting in arbitrary code running with the permissions of the user running Perl...

CVSS 7.5 | AI score 9.3 | EPSS 0.0483
Exploits: 1 | References: 1

UbuntuCve
added 2007/07/02 7:30 p.m. | 16 views

CVE-2007-2836

Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...

CVSS 6.4 | AI score 6.1 | EPSS 0.02386
Exploits: 0 | References: 1

Prion
added 2007/07/02 7:30 p.m. | 9 views

Directory traversal

Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...

CVSS 6.4 | AI score 6.9 | EPSS 0.02386
Exploits: 0 | References: 11 | Affected Software: 1

Cvelist
added 2007/07/02 7:0 p.m. | 14 views

CVE-2007-2836

Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...

AI score 6.5 | EPSS 0.02386
Exploits: 0 | References: 11

RedHat Linux
added 2007/06/20 2:49 p.m. | 2 views

mod_perl PerlRun denial of service

PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI...

CVSS 5 | AI score 7.4 | EPSS 0.10111
Exploits: 0 | References: 4

Prion
added 2007/05/18 10:30 p.m. | 22 views

Design/Logic Flaw

blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by logging in through ss...

CVSS 6.8 | AI score 7 | EPSS 0.01813
Exploits: 1 | References: 6 | Affected Software: 1

NVD
added 2007/05/18 10:30 p.m. | 20 views

CVE-2007-2765

blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by logging in through ss...

CVSS 6.8 | AI score 6.7 | EPSS 0.01531
Exploits: 0 | References: 6

CVE
added 2007/05/18 10:0 p.m. | 52 views

CVE-2007-2765

CVE-2007-2765 concerns BlockHosts prior to 2.0.3, where improper parsing of daemon logs lets remote attackers add arbitrary entries to /etc/hosts.allow, enabling a denial of service by injecting IPs into a log file. Related entries (e.g., CVE-2007-4322/4323) describe a similar issue affecting Blo...

CVSS 6.8 | AI score 6.9 | EPSS 0.01531
Exploits: 0 | References: 6 | Affected Software: 1

UbuntuCve
added 2007/04/22 7:19 p.m. | 28 views

CVE-2007-2162

(1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow remote attackers to cause a denial of service (browser crash or system hang) via JavaScript that matches a regular expression against a long string, as demonstrated using /./...

CVSS 7.8 | AI score 5.9 | EPSS 0.0138
Exploits: 0 | References: 1

Prion
added 2007/04/22 7:19 p.m. | 15 views

Design/Logic Flaw

Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (browser hang) via JavaScript that matches a regular expression against a long string, as demonstrated using /./...

CVSS 4.3 | AI score 7.1 | EPSS 0.12278
Exploits: 0 | References: 5 | Affected Software: 1

Prion
added 2007/04/22 7:19 p.m. | 13 views

Design/Logic Flaw

Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial of service (browser crash or abort) via JavaScript that matches a regular expression against a long string, as demonstrated using /./...

CVSS 5 | AI score 6.9 | EPSS 0.0142
Exploits: 0 | References: 3 | Affected Software: 1