8485 matches found
DEBIAN-CVE-2008-0674
Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255...
CVE-2008-0674
CVE-2008-0674 is a buffer overflow in the PCRE library prior to 7.6 that permits remote attackers to execute arbitrary code via a regular expression containing a character class with many Unicode code points above 255. The CVE is listed across multiple vulnerability feeds (e.g., OpenVAS/Nessus en...
GLSA-200802-08 : Boost: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200802-08 Boost: Denial of Service Tavis Ormandy and Will Drewry from the Google Security Team reported a failed assertion in file regex/v4/perlmatchernonrecursive.hpp CVE-2008-0171 and a NULL pointer dereference in function...
Boost: Denial of service
Background Boost is a set of C++ libraries, including the Boost.Regex library to process regular expressions. Description Tavis Ormandy and Will Drewry from the Google Security Team reported a failed assertion in file regex/v4/perlmatchernonrecursive.hpp CVE-2008-0171 and a NULL pointer dereferen...
openSUSE 10 Security Update : pcre (pcre-4980)
Specially crafted regular expressions could lead to a buffer overflow in the pcre library. Applications using pcre to process regular expressions from untrusted sources could therefore potentially be exploited by attackers to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security,...
openSUSE 10 Security Update : postgresql (postgresql-4958)
This version update to 8.1.11 fixes among other things several security issues : - Index Functions Privilege Escalation: CVE-2007-6600 - Regular Expression Denial-of-Service: CVE-2007-4772, CVE-2007-6067, CVE-2007-4769 - DBLink Privilege Escalation: CVE-2007-6601 %NASLMINLEVEL 70300 C Tenable...
postgresql DoS via infinite loop in regex NFA optimization code
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service infinite loop via a crafted regular expression...
postgresql: tempory DoS caused by slow regex NFA cleanup
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service memory consumption via a crafted "complex...
Moderate: Red Hat Security Advisory: postgresql security update
Updated postgresql packages that fix several security issues are now available for Red Hat Application Stack v1 and v2. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system DBMS...
Debian Security Advisory DSA 1463-1 (postgresql-7.4)
The remote host is missing an update to postgresql-7.4 announced via advisory DSA 1463-1. OpenVAS Vulnerability Test $Id: deb14631.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1463-1 postgresql-7.4 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...
Debian Security Advisory DSA 1460-1 (postgresql-8.1)
The remote host is missing an update to postgresql-8.1 announced via advisory DSA 1460-1. OpenVAS Vulnerability Test $Id: deb14601.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1460-1 postgresql-8.1 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...
DEBIAN-CVE-2007-4771
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode ICU 3.8.1 and earlier allows context-dependent attackers to cause a denial of service memory consumption and possibly have unspecified other impact via a regular expression that...
CVE-2007-4771
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode ICU 3.8.1 and earlier allows context-dependent attackers to cause a denial of service memory consumption and possibly have unspecified other impact via a regular expression that...
PostgreSQL: Multiple vulnerabilities
Background PostgreSQL is an open source object-relational database management system. Description If using the "expression indexes" feature, PostgreSQL executes index functions as the superuser during VACUUM and ANALYZE instead of the table owner, and allows SET ROLE and SET SESSION AUTHORIZATION...
icu / libicu multiple security vulnerabilities
Multiple vulnerabilities on regular expressions execution...
icu, libicu security update
CentOS Errata and Security Advisory CESA-2008:0090 Updated icu packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The International Components for Unicode ICU...
CVE-2008-0171
regex/v4/perlmatchernonrecursive.hpp in the Boost regex library aka Boost.Regex in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service failed assertion and crash via an invalid regular expression...
Design/Logic Flaw
regex/v4/perlmatchernonrecursive.hpp in the Boost regex library aka Boost.Regex in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service failed assertion and crash via an invalid regular expression...
CVE-2008-0171
regex/v4/perlmatchernonrecursive.hpp in the Boost regex library aka Boost.Regex in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service failed assertion and crash via an invalid regular expression...
CVE-2008-0172
The getrepeattype function in basicregexcreator.hpp in the Boost regex library aka Boost.Regex in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service NULL dereference and crash via an invalid regular expression...