Vulnerability CVE-2008-0674: Information

Description

Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.

Severity: HIGH (7.5)

URL: https://nvd.nist.gov/vuln/detail/CVE-2008-0674

Published: Feb. 19, 2008

Modified: Oct. 16, 2018

Error type identifier: CWE-119

References to Advisories, Solutions, and Tools

Hyperlink	Resource
http://pcre.org/changelog.txt
https://bugzilla.redhat.com/show_bug.cgi?id=431660
http://ftp.gnome.org/pub/gnome/sources/glib/2.14/glib-2.14.6.news
DSA-1499
FEDORA-2008-1533
FEDORA-2008-1783
SUSE-SR:2008:004
27786
28923
28960
28985
28996
28957
29027
29048
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0086
https://issues.rpath.com/browse/RPL-2223
MDVSA-2008:053
29175
http://wiki.rpath.com/Advisories:rPSA-2008-0086
FEDORA-2008-1842
29267
GLSA-200803-24
29282
[oss-security] 20080502 CVE Request (PHP)
http://www.php.net/ChangeLog-5.php
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
https://issues.rpath.com/browse/RPL-2503
29009
30048
30345
31326
APPLE-SA-2008-07-31
APPLE-SA-2008-10-09
31681
http://support.apple.com/kb/HT3216
32222
http://support.apple.com/kb/HT3757
APPLE-SA-2009-08-05-1
ADV-2009-2172
36096
1022674
TA09-218A	US Government Resource
ADV-2008-2268
ADV-2008-2780
ADV-2008-0592
ADV-2008-1412
ADV-2008-0570
32746
GLSA-200811-05
pcre-characterclass-bo(40505)
USN-581-1
20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl
20080228 rPSA-2008-0086-1 pcre

Affected configurations:
1. Configuration 1
  cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*
  End including
  7.5

Version: v24.5.3

Vulnerability CVE-2008-0674: Information

Description

References to Advisories, Solutions, and Tools

Configuration 1