Ubuntu 4.10 / 5.04 : pcre3 vulnerability (USN-173-1)

A buffer overflow has been discovered in the PCRE, a widely used library that provides Perl compatible regular expressions. Specially crafted regular expressions triggered a buffer overflow. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to...

cijfer-vsczpl.pl.txt

!/usr/bin/perl cijfer-vscxpl - Valdersoft Shopping Cart All rights reserved. 1. example cijfer@kalma:/research$ ./cijfer-vscxpl.pl -h www.valdersoft.com -d /store [email protected] /$ id;uname -a uid=2526apache gid=2524apache groups=2524apache, 10004psaserv FreeBSD valdersoft.com...

DEBIAN-CVE-2005-4872

Perl-Compatible Regular Expression PCRE library before 6.2 does not properly count the number of named capturing subpatterns, which allows context-dependent attackers to cause a denial of service crash via a regular expression with a large number of named subpatterns, which triggers a buffer...

CVE-2004-2590

Unspecified vulnerability in meindlSOFT Cute PHP Library aka cphplib 0.46 has unknown impact and attack vectors, related to regular expressions...

CVE-2004-2590

CVE-2004-2590 affects meindlSOFT Cute PHP Library (cphplib) version 0.46. The vulnerability is described as related to regular expressions with unspecified impact and attack vectors. NVD lists a high-severity network-exposed issue (CVSSv2 base score 10.0) with complete impact on confidentiality, ...

Novell Zenworks authorization bypass

Remote diagnostics functions are available to regular user...

[SA17386] SpamAssassin Long Message Header Denial of Service

TITLE: SpamAssassin Long Message Header Denial of Service SECUNIA ADVISORY ID: SA17386 VERIFY ADVISORY: http://secunia.com/advisories/17386/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: SpamAssassin 3.x http://secunia.com/product/4506/ DESCRIPTION: A vulnerability has been...

p5-Mail-SpamAssassin -- long message header denial of service

A Secunia Advisory reports: A vulnerability has been reported in SpamAssassin, which can be exploited by malicious people to cause a DoS Denial of Service. The vulnerability is caused due to the use of an inefficient regular expression in "/SpamAssassin/Message.pm" to parse email headers. This ca...

CVE-2005-3420

usercpregister.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signaturebbcodeuid parameter, as demonstrated by injecting an "e" modifier into a pregreplace statement...

CVE-2005-3420

usercpregister.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signaturebbcodeuid parameter, as demonstrated by injecting an "e" modifier into a pregreplace statement...

Debian DSA-817-1 : python2.2 - integer overflow

An integer overflow with a subsequent buffer overflow has been detected in PCRE, the Perl Compatible Regular Expressions library, which allows an attacker to execute arbitrary code, and is also present in Python. Exploiting this vulnerability requires an attacker to specify the used regular...

Debian DSA-821-1 : python2.3 - integer overflow

An integer overflow with a subsequent buffer overflow has been detected in PCRE, the Perl Compatible Regular Expressions library, which allows an attacker to execute arbitrary code, and is also present in Python. Exploiting this vulnerability requires an attacker to specify the used regular...

Mandrake Linux Security Advisory : pcre (MDKSA-2005:151)

Integer overflow in pcrecompile.c in Perl Compatible Regular Expressions PCRE before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. The updated packages have been patched to...

Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : PCRE library (SSA:2005-242-01)

New PCRE packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue. A buffer overflow could be triggered by a specially crafted regular expression. Any applications that use PCRE to process untrusted regular expressions may be exploited to run arbitrary...

DSA-821-1 python2.3 - integer overflow

Bulletin has no description...

DSA-819-1 python2.1 - integer overflow

Bulletin has no description...

Python: Heap overflow in the included PCRE library

Background Python is an interpreted, interactive, object-oriented, cross-platform programming language. The "re" Python module provides regular expression functions. Description The "re" Python module makes use of a private copy of libpcre which is subject to an integer overflow leading to a heap...

pcre security update

CentOS Errata and Security Advisory CESA-2005:761-02 Updated pcre packages are now available to correct a security issue. This update has been rated as having moderate security impact by the Red Hat Security Response Team PCRE is a Perl-compatible regular expression library. An integer overflow...

pcre heap overflow

Integer overflow in pcrecompile.c in Perl Compatible Regular Expressions PCRE before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow...

PCRE regular expressions library integer overflow

pcrecompile.c regexp parameter integer overflow...