ID CVE-2007-1662
Summary Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service (crash), possibly involving forward references.
References
Vulnerable Configurations
  • cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*
    cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 16-10-2018 - 16:39)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
apple
  • APPLE-SA-2007-12-17
  • APPLE-SA-2008-03-18
bid 26346
bugtraq
  • 20071106 rPSA-2007-0231-1 pcre
  • 20071112 FLEA-2007-0064-1 pcre
cert TA07-352A
confirm
debian
  • DSA-1399
  • DSA-1570
fedora FEDORA-2008-1842
gentoo
  • GLSA-200711-30
  • GLSA-200801-02
  • GLSA-200801-18
  • GLSA-200801-19
  • GLSA-200805-11
mandriva MDKSA-2007:211
misc http://bugs.gentoo.org/show_bug.cgi?id=198976
mlist [gtk-devel-list] 20071107 GLib 2.14.3
secunia
  • 27538
  • 27543
  • 27554
  • 27697
  • 27741
  • 28136
  • 28406
  • 28414
  • 28714
  • 28720
  • 29267
  • 29420
  • 30106
  • 30155
  • 30219
ubuntu USN-547-1
vupen
  • ADV-2007-3725
  • ADV-2007-3790
  • ADV-2007-4238
  • ADV-2008-0924
xf pcre-unmatched-dos(38275)
Last major update 16-10-2018 - 16:39
Published 07-11-2007 - 23:46
Back to Top