ID CVE-2017-9225
Summary An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str() occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in unicode_unfold_key(). A malformed regular expression could result in 4 bytes being written off the end of a stack buffer of expand_case_fold_string() during the call to onigenc_unicode_get_case_fold_codes_by_str(), a typical stack buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:oniguruma_project:oniguruma:6.2.0
  • cpe:2.3:a:php:php:7.1.5:-:-:-:-:oniguruma-mod
  • cpe:2.3:a:ruby-lang:ruby:2.4.1:-:-:-:-:oniguruma-mod
CVSS
Base: 7.5
Impact:
Exploitability:
CWE CWE-787
CAPEC
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-60997F0D14.NASL
    description Multiple security flaws were found on oniguruma currently being shipped on Fedora. This new rpm should fix the issue. Fixed CVEs: CVE-2017-9226 CVE-2017-9225 CVE-2017-9224 CVE-2017-9227 CVE-2017-9229 CVE-2017-9228 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-01
    plugin id 100730
    published 2017-06-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100730
    title Fedora 25 : oniguruma (2017-60997f0d14)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-EE01A2CED6.NASL
    description Multiple security flaws were found on the previous version of oniguruma. This new version should fix the issue. Fixed CVEs: CVE-2017-9226 CVE-2017-9225 CVE-2017-9224 CVE-2017-9227 CVE-2017-9229 CVE-2017-9228 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-02
    plugin id 101745
    published 2017-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101745
    title Fedora 26 : oniguruma (2017-ee01a2ced6)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2017-0021.NASL
    description An update of [zlib,bindutils,ruby,krb5,sudo] packages for PhotonOS has been released.
    last seen 2019-02-21
    modified 2019-02-07
    plugin id 111870
    published 2018-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111870
    title Photon OS 1.0: Bindutils / Krb5 / Ruby / Sudo / Zlib PHSA-2017-0021 (deprecated)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2017-0021_RUBY.NASL
    description An update of the ruby package has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 121702
    published 2019-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121702
    title Photon OS 1.0: Ruby PHSA-2017-0021
refmap via4
confirm
Last major update 24-05-2017 - 11:29
Published 24-05-2017 - 11:29
Last modified 02-06-2017 - 10:14