ID CVE-2005-2491
Summary Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:pcre:pcre:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:pcre:pcre:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:pcre:pcre:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:pcre:pcre:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:pcre:pcre:6.1:*:*:*:*:*:*:*
    cpe:2.3:a:pcre:pcre:6.1:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 19-10-2018 - 15:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2013-04-29T04:14:32.292-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    description Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
    family unix
    id oval:org.mitre.oval:def:11516
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
    version 31
  • accepted 2007-10-02T08:08:09.337-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Todd Dolinsky
      organization Opsware, Inc.
    description Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
    family unix
    id oval:org.mitre.oval:def:1496
    status accepted
    submitted 2006-03-18T07:24:00.000-04:00
    title Webproxy Integer Overflow in pcre_compile
    version 36
  • accepted 2007-10-02T08:08:10.207-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Todd Dolinsky
      organization Opsware, Inc.
    description Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
    family unix
    id oval:org.mitre.oval:def:1659
    status accepted
    submitted 2006-03-18T07:24:00.000-04:00
    title VirusVault Integer Overflow in pcre_compile
    version 36
  • accepted 2006-01-25T07:30:00.000-04:00
    class vulnerability
    contributors
    name Robert L. Hollis
    organization ThreatGuard, Inc.
    description Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
    family unix
    id oval:org.mitre.oval:def:735
    status accepted
    submitted 2005-11-30T12:00:00.000-04:00
    title Apache Integer Overflow in pcre_compile.c
    version 35
redhat via4
advisories
  • bugzilla
    id 166335
    title CVE-2005-2491 PCRE heap overflow
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304025
      • OR
        • AND
          • comment python is earlier than 0:2.3.4-14.2
            oval oval:com.redhat.rhsa:tst:20060197001
          • comment python is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060197002
        • AND
          • comment python-devel is earlier than 0:2.3.4-14.2
            oval oval:com.redhat.rhsa:tst:20060197003
          • comment python-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060197004
        • AND
          • comment python-docs is earlier than 0:2.3.4-14.2
            oval oval:com.redhat.rhsa:tst:20060197005
          • comment python-docs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060197006
        • AND
          • comment python-tools is earlier than 0:2.3.4-14.2
            oval oval:com.redhat.rhsa:tst:20060197007
          • comment python-tools is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060197008
        • AND
          • comment tkinter is earlier than 0:2.3.4-14.2
            oval oval:com.redhat.rhsa:tst:20060197009
          • comment tkinter is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060197010
    rhsa
    id RHSA-2006:0197
    released 2006-03-09
    severity Moderate
    title RHSA-2006:0197: python security update (Moderate)
  • rhsa
    id RHSA-2005:358
  • rhsa
    id RHSA-2005:761
rpms
  • exim-0:4.43-1.RHEL4.5
  • exim-debuginfo-0:4.43-1.RHEL4.5
  • exim-doc-0:4.43-1.RHEL4.5
  • exim-mon-0:4.43-1.RHEL4.5
  • exim-sa-0:4.43-1.RHEL4.5
  • pcre-0:3.9-10.2
  • pcre-0:4.5-3.2.RHEL4
  • pcre-debuginfo-0:3.9-10.2
  • pcre-debuginfo-0:4.5-3.2.RHEL4
  • pcre-devel-0:3.9-10.2
  • pcre-devel-0:4.5-3.2.RHEL4
  • python-0:2.2.3-6.2
  • python-0:2.3.4-14.2
  • python-debuginfo-0:2.2.3-6.2
  • python-debuginfo-0:2.3.4-14.2
  • python-devel-0:2.2.3-6.2
  • python-devel-0:2.3.4-14.2
  • python-docs-0:2.3.4-14.2
  • python-tools-0:2.2.3-6.2
  • python-tools-0:2.3.4-14.2
  • tkinter-0:2.2.3-6.2
  • tkinter-0:2.3.4-14.2
refmap via4
apple APPLE-SA-2005-11-29
bid
  • 14620
  • 15647
confirm
debian
  • DSA-800
  • DSA-817
  • DSA-819
  • DSA-821
fedora FLSA:168516
gentoo
  • GLSA-200508-17
  • GLSA-200509-02
  • GLSA-200509-08
  • GLSA-200509-12
  • GLSA-200509-19
hp
  • HPSBMA02159
  • HPSBOV02683
  • HPSBUX02074
  • SSRT051251
  • SSRT061238
  • SSRT090208
mlist
  • [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
openpkg OpenPKG-SA-2005.018
sco SCOSA-2006.10
sectrack 1014744
secunia
  • 16502
  • 16679
  • 17252
  • 17813
  • 19072
  • 19193
  • 19532
  • 21522
  • 22691
  • 22875
sgi 20060401-01-U
sreason 604
sunalert 102198
suse
  • SUSE-SA:2005:048
  • SUSE-SA:2005:049
  • SUSE-SA:2005:051
  • SUSE-SA:2005:052
trustix TSLSA-2005-0059
vupen
  • ADV-2005-1511
  • ADV-2005-2659
  • ADV-2006-0789
  • ADV-2006-4320
  • ADV-2006-4502
statements via4
contributor Mark J Cox
lastmodified 2008-07-02
organization Apache
statement Fixed in Apache 2.0.55: http://httpd.apache.org/security/vulnerabilities_20.html
Last major update 19-10-2018 - 15:33
Published 23-08-2005 - 04:00
Last modified 19-10-2018 - 15:33
Back to Top