ID CVE-2015-2305
Summary Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:rxspencer_project:rxspencer:3.8.g5:*:*:*:*:*:*:*
    cpe:2.3:a:rxspencer_project:rxspencer:3.8.g5:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 30-10-2018 - 16:27)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2015:1053
  • rhsa
    id RHSA-2015:1066
refmap via4
apple APPLE-SA-2015-09-30-3
bid 72611
cert-vn VU#695940
confirm
debian DSA-3195
hp
  • HPSBUX03337
  • SSRT102066
misc https://guidovranken.wordpress.com/2015/02/04/full-disclosure-heap-overflow-in-h-spencers-regex-library-on-32-bit-systems/
mlist
  • [oss-security] 20150207 Spencer regexp heap overflow?
  • [oss-security] 20150311 Re: CVE request: spencer regexp
sectrack 1031947
suse
  • SUSE-SU-2015:0868
  • SUSE-SU-2015:0946
  • openSUSE-SU-2015:0644
  • openSUSE-SU-2015:0906
ubuntu
  • USN-2572-1
  • USN-2594-1
Last major update 30-10-2018 - 16:27
Published 30-03-2015 - 10:59
Back to Top