CVE-2015-2305 - Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer

CVE-2015-2305

Summary

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.

References

Vulnerable Configurations

cpe:2.3:a:rxspencer_project:rxspencer:3.8.g5:*:*:*:*:*:*:*
cpe:2.3:a:rxspencer_project:rxspencer:3.8.g5:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc5:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc5:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc6:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc6:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc7:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc7:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc8:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc8:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.1:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.1:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.1:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.1:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.4:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.4:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.4:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.4:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.4:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.4:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.5:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.5:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.5:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.5:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.6:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.6:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.6:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.6:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.7:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.7:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.7:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.7:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.8:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.8:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.8:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.8:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.9:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.9:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.9:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.9:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.10:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.10:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.10:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.10:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.11:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.11:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.11:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.11:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.12:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.12:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.13:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.13:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.14:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.14:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.15:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.15:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.15:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.15:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.16:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.16:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.16:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.16:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.17:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.17:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.17:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.17:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.18:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.18:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.18:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.18:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.18:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.18:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.20:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.20:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.20:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.20:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.21:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.21:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.21:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.21:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.22:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.22:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.22:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.22:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.23:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.23:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.23:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.23:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.24:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.24:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.24:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.24:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.25:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.25:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.25:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.25:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.26:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.26:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.26:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.26:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.27:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.27:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.27:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.27:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.28:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.28:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.28:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.28:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.29:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.29:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.29:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.29:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.30:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.30:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.30:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.30:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.31:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.31:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.31:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.31:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.31:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.31:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.32:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.32:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.32:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.32:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.32:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.32:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.33:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.33:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.33:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.33:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.33:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.33:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.34:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.34:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.35:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.35:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.36:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.36:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.37:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.37:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.38:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.38:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.2:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.2:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.2:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.2:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.4:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.4:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.4:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.4:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.5:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.5:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.5:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.5:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.6:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.6:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.6:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.6:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.7:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.7:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.7:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.7:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.8:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.8:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.8:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.8:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.9:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.9:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.9:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.9:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.10:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.10:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.10:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.10:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.11:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.11:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.11:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.11:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.12:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.12:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.12:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.12:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.13:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.13:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.13:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.13:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.14:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.14:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.14:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.14:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.15:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.15:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.15:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.15:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.16:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.16:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.16:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.16:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.17:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.17:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.17:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.17:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.18:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.18:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.18:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.18:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.19:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.19:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.19:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.19:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.20:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.20:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.20:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.20:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.21:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.21:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.21:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.21:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.22:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.22:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.22:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.22:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:rc3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:rc3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:rc4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:rc4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.1:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.1:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.1:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.1:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.3:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.3:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.3:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.3:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.4:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.4:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.4:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.4:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.5:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.5:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.5:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.5:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.6:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.6:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.6:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.6:rc1:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 16-08-2022 - 13:29)
Impact:
Exploitability:

CWE

CWE-190

CAPEC

Forced Integer Overflow
This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

redhat via4

advisories

rhsa
id RHSA-2015:1053
rhsa
id RHSA-2015:1066

rpms

php55-0:2.0-1.el6
php55-0:2.0-1.el7
php55-php-0:5.5.21-2.el6
php55-php-0:5.5.21-2.el7
php55-php-bcmath-0:5.5.21-2.el6
php55-php-bcmath-0:5.5.21-2.el7
php55-php-cli-0:5.5.21-2.el6
php55-php-cli-0:5.5.21-2.el7
php55-php-common-0:5.5.21-2.el6
php55-php-common-0:5.5.21-2.el7
php55-php-dba-0:5.5.21-2.el6
php55-php-dba-0:5.5.21-2.el7
php55-php-debuginfo-0:5.5.21-2.el6
php55-php-debuginfo-0:5.5.21-2.el7
php55-php-devel-0:5.5.21-2.el6
php55-php-devel-0:5.5.21-2.el7
php55-php-enchant-0:5.5.21-2.el6
php55-php-enchant-0:5.5.21-2.el7
php55-php-fpm-0:5.5.21-2.el6
php55-php-fpm-0:5.5.21-2.el7
php55-php-gd-0:5.5.21-2.el6
php55-php-gd-0:5.5.21-2.el7
php55-php-gmp-0:5.5.21-2.el6
php55-php-gmp-0:5.5.21-2.el7
php55-php-imap-0:5.5.21-2.el6
php55-php-intl-0:5.5.21-2.el6
php55-php-intl-0:5.5.21-2.el7
php55-php-ldap-0:5.5.21-2.el6
php55-php-ldap-0:5.5.21-2.el7
php55-php-mbstring-0:5.5.21-2.el6
php55-php-mbstring-0:5.5.21-2.el7
php55-php-mysqlnd-0:5.5.21-2.el6
php55-php-mysqlnd-0:5.5.21-2.el7
php55-php-odbc-0:5.5.21-2.el6
php55-php-odbc-0:5.5.21-2.el7
php55-php-opcache-0:5.5.21-2.el6
php55-php-opcache-0:5.5.21-2.el7
php55-php-pdo-0:5.5.21-2.el6
php55-php-pdo-0:5.5.21-2.el7
php55-php-pgsql-0:5.5.21-2.el6
php55-php-pgsql-0:5.5.21-2.el7
php55-php-process-0:5.5.21-2.el6
php55-php-process-0:5.5.21-2.el7
php55-php-pspell-0:5.5.21-2.el6
php55-php-pspell-0:5.5.21-2.el7
php55-php-recode-0:5.5.21-2.el6
php55-php-recode-0:5.5.21-2.el7
php55-php-snmp-0:5.5.21-2.el6
php55-php-snmp-0:5.5.21-2.el7
php55-php-soap-0:5.5.21-2.el6
php55-php-soap-0:5.5.21-2.el7
php55-php-tidy-0:5.5.21-2.el6
php55-php-xml-0:5.5.21-2.el6
php55-php-xml-0:5.5.21-2.el7
php55-php-xmlrpc-0:5.5.21-2.el6
php55-php-xmlrpc-0:5.5.21-2.el7
php55-runtime-0:2.0-1.el6
php55-runtime-0:2.0-1.el7
php55-scldevel-0:2.0-1.el6
php55-scldevel-0:2.0-1.el7
php54-0:2.0-1.el6
php54-0:2.0-1.el7
php54-php-0:5.4.40-1.el6
php54-php-0:5.4.40-1.el7
php54-php-bcmath-0:5.4.40-1.el6
php54-php-bcmath-0:5.4.40-1.el7
php54-php-cli-0:5.4.40-1.el6
php54-php-cli-0:5.4.40-1.el7
php54-php-common-0:5.4.40-1.el6
php54-php-common-0:5.4.40-1.el7
php54-php-dba-0:5.4.40-1.el6
php54-php-dba-0:5.4.40-1.el7
php54-php-debuginfo-0:5.4.40-1.el6
php54-php-debuginfo-0:5.4.40-1.el7
php54-php-devel-0:5.4.40-1.el6
php54-php-devel-0:5.4.40-1.el7
php54-php-enchant-0:5.4.40-1.el6
php54-php-enchant-0:5.4.40-1.el7
php54-php-fpm-0:5.4.40-1.el6
php54-php-fpm-0:5.4.40-1.el7
php54-php-gd-0:5.4.40-1.el6
php54-php-gd-0:5.4.40-1.el7
php54-php-imap-0:5.4.40-1.el6
php54-php-intl-0:5.4.40-1.el6
php54-php-intl-0:5.4.40-1.el7
php54-php-ldap-0:5.4.40-1.el6
php54-php-ldap-0:5.4.40-1.el7
php54-php-mbstring-0:5.4.40-1.el6
php54-php-mbstring-0:5.4.40-1.el7
php54-php-mysqlnd-0:5.4.40-1.el6
php54-php-mysqlnd-0:5.4.40-1.el7
php54-php-odbc-0:5.4.40-1.el6
php54-php-odbc-0:5.4.40-1.el7
php54-php-pdo-0:5.4.40-1.el6
php54-php-pdo-0:5.4.40-1.el7
php54-php-pecl-zendopcache-0:7.0.4-3.el6
php54-php-pecl-zendopcache-0:7.0.4-3.el7
php54-php-pecl-zendopcache-debuginfo-0:7.0.4-3.el6
php54-php-pecl-zendopcache-debuginfo-0:7.0.4-3.el7
php54-php-pgsql-0:5.4.40-1.el6
php54-php-pgsql-0:5.4.40-1.el7
php54-php-process-0:5.4.40-1.el6
php54-php-process-0:5.4.40-1.el7
php54-php-pspell-0:5.4.40-1.el6
php54-php-pspell-0:5.4.40-1.el7
php54-php-recode-0:5.4.40-1.el6
php54-php-recode-0:5.4.40-1.el7
php54-php-snmp-0:5.4.40-1.el6
php54-php-snmp-0:5.4.40-1.el7
php54-php-soap-0:5.4.40-1.el6
php54-php-soap-0:5.4.40-1.el7
php54-php-tidy-0:5.4.40-1.el6
php54-php-xml-0:5.4.40-1.el6
php54-php-xml-0:5.4.40-1.el7
php54-php-xmlrpc-0:5.4.40-1.el6
php54-php-xmlrpc-0:5.4.40-1.el7
php54-runtime-0:2.0-1.el6
php54-runtime-0:2.0-1.el7
php54-scldevel-0:2.0-1.el6
php54-scldevel-0:2.0-1.el7

refmap via4

apple	APPLE-SA-2015-09-30-3
bid	72611
cert-vn	VU#695940
confirm	http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html http://php.net/ChangeLog-5.php http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html https://support.apple.com/HT205267
debian	DSA-3195
hp	HPSBUX03337 SSRT102066
misc	https://guidovranken.wordpress.com/2015/02/04/full-disclosure-heap-overflow-in-h-spencers-regex-library-on-32-bit-systems/
mlist	[oss-security] 20150207 Spencer regexp heap overflow? [oss-security] 20150311 Re: CVE request: spencer regexp
sectrack	1031947
suse	SUSE-SU-2015:0868 SUSE-SU-2015:0946 openSUSE-SU-2015:0644 openSUSE-SU-2015:0906
ubuntu	USN-2572-1 USN-2594-1

Last major update

16-08-2022 - 13:29

Published

30-03-2015 - 10:59

Last modified

16-08-2022 - 13:29