PCRE vulnerabilities

ID USN-547-1
Type ubuntu
Reporter Ubuntu
Modified 2007-11-27T00:00:00


Tavis Ormandy and Will Drewry discovered multiple flaws in the regular expression handling of PCRE. By tricking a user or service into running specially crafted expressions via applications linked against libpcre3, a remote attacker could crash the application, monopolize CPU resources, or possibly execute arbitrary code with the application’s privileges.