Lucene search
SuseSUSE-SA:2007:062HistoryNov 23, 2007 - 3:35 p.m.
remote code execution in pcre
2007-11-2315:35:33
lists.opensuse.org
12
0.039 Low
EPSS
Percentile
90.9%
Specially crafted regular expressions could lead to buffer overflows in the pcre library. Applications using pcre to process regular expressions from untrusted sources could therefore potentially be exploited by attackers to execute arbitrary code as the user running the application.
Solution
There is no known workaround, please install the update packages.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 10.3 | ppc | pcre-devel | < 7.2-14.2 | pcre-devel-7.2-14.2.ppc.rpm |
| openSUSE | 10.1 | i586 | pcre | < 6.4-14.12 | pcre-6.4-14.12.i586.rpm |
| openSUSE | 10.0 | ppc | pcre | < 6.2-2.6 | pcre-6.2-2.6.ppc.rpm |
| openSUSE | 10.3 | x86_64 | pcre-devel | < 7.2-14.2 | pcre-devel-7.2-14.2.x86_64.rpm |
| SUSE Linux Enterprise Software Development Kit | 10.1 | ppc | pcre-devel | < 6.4-14.12 | pcre-devel-6.4-14.12.ppc.rpm |
| SUSE Linux Enterprise Server | 10.1 | s390x | pcre | < 6.4-14.12 | pcre-6.4-14.12.s390x.rpm |
| openSUSE | 10.0 | ppc | pcre-devel | < 6.2-2.6 | pcre-devel-6.2-2.6.ppc.rpm |
| openSUSE | 10.1 | x86_64 | pcre-devel | < 6.4-14.12 | pcre-devel-6.4-14.12.x86_64.rpm |
| openSUSE | 10.0 | i586 | pcre-devel | < 6.2-2.6 | pcre-devel-6.2-2.6.i586.rpm |
| openSUSE | 10.0 | i586 | pcre | < 6.2-2.6 | pcre-6.2-2.6.i586.rpm |
Related
openvas
openvas
SuSE Update for pcre SUSE-SA:2007:062
2009-01-28 00:00:00
Gentoo Security Advisory GLSA 200805-11 (chicken)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200711-30 (libpcre)
2008-09-24 00:00:00
debian
debian
[SECURITY] [DSA 1399-1] New pcre3 packages fix arbitrary code execution
2007-11-05 20:22:19
nessus
nessus
GLSA-200711-30 : PCRE: Multiple vulnerabilities
2007-11-26 00:00:00
openSUSE 10 Security Update : pcre (pcre-4683)
2007-11-20 00:00:00
Debian DSA-1570-1 : kazehakase - various
2008-05-09 00:00:00
gentoo
gentoo
PCRE: Multiple vulnerabilities
2007-11-20 00:00:00
Python: PCRE Integer overflow
2008-02-23 00:00:00
ubuntu
ubuntu
PCRE vulnerabilities
2007-11-27 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1399-1] New pcre3 packages fix arbitrary code execution
2007-11-07 00:00:00
PCRE and perl regular expression handling multiple security vulnerabilities
2007-11-07 00:00:00
[ GLSA 200802-10 ] Python: PCRE Integer overflow
2008-02-26 00:00:00
freebsd
freebsd
pcre -- arbitrary code execution
2007-11-05 00:00:00
osv
osv
pcre3 - arbitrary code execution
2007-11-05 00:00:00
oraclelinux
oraclelinux
Important: pcre security update
2007-11-30 00:00:00
Important: pcre security update
2007-12-04 00:00:00
Critical: pcre security update
2007-11-05 00:00:00
cve
cve
fedora
fedora
[SECURITY] Fedora 7 Update: pcre-7.3-3.fc7
2008-03-06 16:37:25
centos
centos
pcre security update
2007-11-30 03:00:27
pcre security update
2007-11-29 16:25:21
pcre security update
2007-11-10 05:09:58
redhat
redhat
(RHSA-2007:1052) Important: pcre security update
2007-11-09 00:00:00
(RHSA-2007:1065) Moderate: pcre security update
2007-11-29 00:00:00
(RHSA-2007:1063) Important: pcre security update
2007-11-29 00:00:00
ubuntucve
ubuntucve
debiancve
debiancve
vmware
vmware
Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus
2008-04-15 00:00:00
Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus
2008-04-15 00:00:00
Updated aacraid driver and Samba and Python service console updates
2008-02-04 00:00:00
suse
suse
remote code execution in php4, php5
2008-01-29 14:18:48
prion
prion
Integer overflow
2007-11-07 23:46:00
Code injection
2007-11-07 23:46:00
Code injection
2007-11-07 23:46:00