cvelistv5 - CVE-2007-4767

CVE-2007-4767 (GCVE-0-2007-4767)

Vulnerability from cvelistv5

Published

2007-11-07 20:00

Modified

2024-08-07 15:08

Severity ?

CWE

Summary

Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \p sequence, (2) a \P sequence, or (3) a \P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code.

References

URL

Tags

cve@mitre.org	http://bugs.gentoo.org/show_bug.cgi?id=198976
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=307179
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=307562
cve@mitre.org	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
cve@mitre.org	http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
cve@mitre.org	http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html
cve@mitre.org	http://secunia.com/advisories/27538
cve@mitre.org	http://secunia.com/advisories/27543
cve@mitre.org	http://secunia.com/advisories/27554
cve@mitre.org	http://secunia.com/advisories/27697
cve@mitre.org	http://secunia.com/advisories/27741
cve@mitre.org	http://secunia.com/advisories/27773
cve@mitre.org	http://secunia.com/advisories/28136
cve@mitre.org	http://secunia.com/advisories/28406
cve@mitre.org	http://secunia.com/advisories/28414
cve@mitre.org	http://secunia.com/advisories/28714
cve@mitre.org	http://secunia.com/advisories/28720
cve@mitre.org	http://secunia.com/advisories/29267
cve@mitre.org	http://secunia.com/advisories/29420
cve@mitre.org	http://secunia.com/advisories/30106
cve@mitre.org	http://secunia.com/advisories/30155
cve@mitre.org	http://secunia.com/advisories/30219
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200711-30.xml
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200801-02.xml
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200801-18.xml
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200801-19.xml
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200805-11.xml
cve@mitre.org	http://www.debian.org/security/2007/dsa-1399
cve@mitre.org	http://www.debian.org/security/2008/dsa-1570
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2007:211
cve@mitre.org	http://www.novell.com/linux/security/advisories/2007_62_pcre.html
cve@mitre.org	http://www.pcre.org/changelog.txt
cve@mitre.org	http://www.securityfocus.com/archive/1/483357/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/483579/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/26346
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3725
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3790
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4238
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0924/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/38277
cve@mitre.org	https://issues.rpath.com/browse/RPL-1738
cve@mitre.org	https://usn.ubuntu.com/547-1/
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html
af854a3a-2127-422b-91ae-364da2661108	http://bugs.gentoo.org/show_bug.cgi?id=198976
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307179
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307562
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27538
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27543
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27554
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27697
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27741
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27773
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28136
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28406
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28414
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28714
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28720
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29267
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29420
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30106
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30155
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30219
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200711-30.xml
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200801-02.xml
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200801-18.xml
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200801-19.xml
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200805-11.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1399
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1570
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:211
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_62_pcre.html
af854a3a-2127-422b-91ae-364da2661108	http://www.pcre.org/changelog.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/483357/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/483579/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26346
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3725
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3790
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4238
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0924/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38277
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1738
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/547-1/
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:08:33.849Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "30219",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30219"
          },
          {
            "name": "29267",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29267"
          },
          {
            "name": "USN-547-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/547-1/"
          },
          {
            "name": "GLSA-200711-30",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
          },
          {
            "name": "ADV-2007-4238",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "20071106 rPSA-2007-0231-1 pcre",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483357/100/0/threaded"
          },
          {
            "name": "TA07-352A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "27538",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27538"
          },
          {
            "name": "20071112 FLEA-2007-0064-1 pcre",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483579/100/0/threaded"
          },
          {
            "name": "28136",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28136"
          },
          {
            "name": "DSA-1570",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1570"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1738"
          },
          {
            "name": "27773",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27773"
          },
          {
            "name": "27697",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27697"
          },
          {
            "name": "28406",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28406"
          },
          {
            "name": "27554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27554"
          },
          {
            "name": "ADV-2008-0924",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0924/references"
          },
          {
            "name": "27543",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27543"
          },
          {
            "name": "[gtk-devel-list] 20071107 GLib 2.14.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html"
          },
          {
            "name": "29420",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29420"
          },
          {
            "name": "APPLE-SA-2007-12-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "name": "GLSA-200805-11",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
          },
          {
            "name": "APPLE-SA-2008-03-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
          },
          {
            "name": "MDKSA-2007:211",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211"
          },
          {
            "name": "FEDORA-2008-1842",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "27741",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27741"
          },
          {
            "name": "ADV-2007-3790",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3790"
          },
          {
            "name": "ADV-2007-3725",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3725"
          },
          {
            "name": "SUSE-SA:2007:062",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.pcre.org/changelog.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307562"
          },
          {
            "name": "30155",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30155"
          },
          {
            "name": "pcre-p-sequence-bo(38277)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38277"
          },
          {
            "name": "28720",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28720"
          },
          {
            "name": "GLSA-200801-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
          },
          {
            "name": "GLSA-200801-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
          },
          {
            "name": "GLSA-200801-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
          },
          {
            "name": "DSA-1399",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1399"
          },
          {
            "name": "28414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28414"
          },
          {
            "name": "26346",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26346"
          },
          {
            "name": "30106",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30106"
          },
          {
            "name": "28714",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28714"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \\p sequence, (2) a \\P sequence, or (3) a \\P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "30219",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30219"
        },
        {
          "name": "29267",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29267"
        },
        {
          "name": "USN-547-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/547-1/"
        },
        {
          "name": "GLSA-200711-30",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
        },
        {
          "name": "ADV-2007-4238",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4238"
        },
        {
          "name": "20071106 rPSA-2007-0231-1 pcre",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483357/100/0/threaded"
        },
        {
          "name": "TA07-352A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
        },
        {
          "name": "27538",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27538"
        },
        {
          "name": "20071112 FLEA-2007-0064-1 pcre",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483579/100/0/threaded"
        },
        {
          "name": "28136",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28136"
        },
        {
          "name": "DSA-1570",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1570"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1738"
        },
        {
          "name": "27773",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27773"
        },
        {
          "name": "27697",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27697"
        },
        {
          "name": "28406",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28406"
        },
        {
          "name": "27554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27554"
        },
        {
          "name": "ADV-2008-0924",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0924/references"
        },
        {
          "name": "27543",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27543"
        },
        {
          "name": "[gtk-devel-list] 20071107 GLib 2.14.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html"
        },
        {
          "name": "29420",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29420"
        },
        {
          "name": "APPLE-SA-2007-12-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
        },
        {
          "name": "GLSA-200805-11",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
        },
        {
          "name": "APPLE-SA-2008-03-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
        },
        {
          "name": "MDKSA-2007:211",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211"
        },
        {
          "name": "FEDORA-2008-1842",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307179"
        },
        {
          "name": "27741",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27741"
        },
        {
          "name": "ADV-2007-3790",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3790"
        },
        {
          "name": "ADV-2007-3725",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3725"
        },
        {
          "name": "SUSE-SA:2007:062",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.pcre.org/changelog.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307562"
        },
        {
          "name": "30155",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30155"
        },
        {
          "name": "pcre-p-sequence-bo(38277)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38277"
        },
        {
          "name": "28720",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28720"
        },
        {
          "name": "GLSA-200801-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
        },
        {
          "name": "GLSA-200801-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
        },
        {
          "name": "GLSA-200801-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
        },
        {
          "name": "DSA-1399",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1399"
        },
        {
          "name": "28414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28414"
        },
        {
          "name": "26346",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26346"
        },
        {
          "name": "30106",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30106"
        },
        {
          "name": "28714",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28714"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4767",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \\p sequence, (2) a \\P sequence, or (3) a \\P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "30219",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30219"
            },
            {
              "name": "29267",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29267"
            },
            {
              "name": "USN-547-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/547-1/"
            },
            {
              "name": "GLSA-200711-30",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
            },
            {
              "name": "ADV-2007-4238",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4238"
            },
            {
              "name": "20071106 rPSA-2007-0231-1 pcre",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483357/100/0/threaded"
            },
            {
              "name": "TA07-352A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
            },
            {
              "name": "27538",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27538"
            },
            {
              "name": "20071112 FLEA-2007-0064-1 pcre",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483579/100/0/threaded"
            },
            {
              "name": "28136",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28136"
            },
            {
              "name": "DSA-1570",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1570"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1738",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1738"
            },
            {
              "name": "27773",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27773"
            },
            {
              "name": "27697",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27697"
            },
            {
              "name": "28406",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28406"
            },
            {
              "name": "27554",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27554"
            },
            {
              "name": "ADV-2008-0924",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0924/references"
            },
            {
              "name": "27543",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27543"
            },
            {
              "name": "[gtk-devel-list] 20071107 GLib 2.14.3",
              "refsource": "MLIST",
              "url": "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html"
            },
            {
              "name": "29420",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29420"
            },
            {
              "name": "APPLE-SA-2007-12-17",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
            },
            {
              "name": "GLSA-200805-11",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
            },
            {
              "name": "APPLE-SA-2008-03-18",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
            },
            {
              "name": "MDKSA-2007:211",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211"
            },
            {
              "name": "FEDORA-2008-1842",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307179",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=307179"
            },
            {
              "name": "27741",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27741"
            },
            {
              "name": "ADV-2007-3790",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3790"
            },
            {
              "name": "ADV-2007-3725",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3725"
            },
            {
              "name": "SUSE-SA:2007:062",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
            },
            {
              "name": "http://www.pcre.org/changelog.txt",
              "refsource": "CONFIRM",
              "url": "http://www.pcre.org/changelog.txt"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307562",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=307562"
            },
            {
              "name": "30155",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30155"
            },
            {
              "name": "pcre-p-sequence-bo(38277)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38277"
            },
            {
              "name": "28720",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28720"
            },
            {
              "name": "GLSA-200801-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=198976",
              "refsource": "MISC",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
            },
            {
              "name": "GLSA-200801-19",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
            },
            {
              "name": "GLSA-200801-18",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
            },
            {
              "name": "DSA-1399",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1399"
            },
            {
              "name": "28414",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28414"
            },
            {
              "name": "26346",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26346"
            },
            {
              "name": "30106",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30106"
            },
            {
              "name": "28714",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28714"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4767",
    "datePublished": "2007-11-07T20:00:00",
    "dateReserved": "2007-09-10T00:00:00",
    "dateUpdated": "2024-08-07T15:08:33.849Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-4767\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-11-07T23:46:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \\\\p sequence, (2) a \\\\P sequence, or (3) a \\\\P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code.\"},{\"lang\":\"es\",\"value\":\"La librer\u00eda Perl-Compatible Regular Expression (PCRE) anterior a 7.3 no computa adecuadamente la longitud de (1) una secuencia \\\\p, (2) una secuencia \\\\P, o (3) una secuencia \\\\P{x}, lo cual permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (bucle infinito o ca\u00edda) o ejecutar c\u00f3digo de su elecci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.0\",\"matchCriteriaId\":\"546807AB-6BF5-4A4C-A3E4-516C982BA751\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.1\",\"matchCriteriaId\":\"8C79718A-3ECF-4A5B-8C4D-B3458521248B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.3\",\"matchCriteriaId\":\"4523717D-521B-48D3-9664-07489B886917\"}]}]}],\"references\":[{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=198976\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307179\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307562\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27538\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27543\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27554\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27697\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27741\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27773\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28136\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28406\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28414\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28714\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28720\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/29267\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/29420\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/30106\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/30155\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/30219\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200711-30.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200801-02.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200801-18.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200801-19.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200805-11.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1399\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1570\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:211\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2007_62_pcre.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.pcre.org/changelog.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/483357/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/483579/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/26346\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3725\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3790\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4238\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0924/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38277\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://issues.rpath.com/browse/RPL-1738\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/547-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=198976\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307562\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27538\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27543\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27554\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27697\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27741\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27773\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28136\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28406\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28714\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28720\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/29267\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/29420\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30155\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30219\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200711-30.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200801-02.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200801-18.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200801-19.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200805-11.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1399\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:211\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2007_62_pcre.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.pcre.org/changelog.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/483357/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/483579/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26346\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3725\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3790\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0924/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38277\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.rpath.com/browse/RPL-1738\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/547-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-9cw9-v886-c24m

Vulnerability from github

Published

2022-05-01 18:26

Modified

2025-04-09 03:48

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-4767"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-11-07T23:46:00Z",
    "severity": "MODERATE"
  },
  "details": "Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \\p sequence, (2) a \\P sequence, or (3) a \\P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code.",
  "id": "GHSA-9cw9-v886-c24m",
  "modified": "2025-04-09T03:48:11Z",
  "published": "2022-05-01T18:26:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4767"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38277"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1738"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/547-1"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html"
    },
    {
      "type": "WEB",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=307562"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27538"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27543"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27554"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27697"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27741"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27773"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28406"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28414"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28714"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28720"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29267"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29420"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30106"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30155"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30219"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1399"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1570"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
    },
    {
      "type": "WEB",
      "url": "http://www.pcre.org/changelog.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/483357/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/483579/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26346"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/3725"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/3790"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0924/references"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2008-AVI-148

Vulnerability from certfr_avis

None

Description

De multiples vulnérabilités ont été découvertes dans le système d'exploitation Apple Mac OS X. L'exploitation de ces vulnérabilités permet à un individu malveillant diverses actions dont exécuter du code arbitaire à distance, effectuer un déni de service, contourner la politique de sécurité, élever ses privilèges et effectuer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité Apple 307562 pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Apple Mac Os X version 10.4.11 et antérieures ;
	Apple	N/A	Apple Mac Os X version 10.5.2 et antérieures.

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 307562 du 18 mars 2008

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple Mac Os X version 10.4.11 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple Mac Os X version 10.5.2 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s\npermet \u00e0 un individu malveillant diverses actions dont ex\u00e9cuter du code\narbitaire \u00e0 distance, effectuer un d\u00e9ni de service, contourner la\npolitique de s\u00e9curit\u00e9, \u00e9lever ses privil\u00e8ges et effectuer une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Apple 307562 pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0063"
    },
    {
      "name": "CVE-2008-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0060"
    },
    {
      "name": "CVE-2007-3847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3847"
    },
    {
      "name": "CVE-2007-6109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6109"
    },
    {
      "name": "CVE-2007-1661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1661"
    },
    {
      "name": "CVE-2008-0882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0882"
    },
    {
      "name": "CVE-2007-6336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6336"
    },
    {
      "name": "CVE-2007-2799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2799"
    },
    {
      "name": "CVE-2006-3747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3747"
    },
    {
      "name": "CVE-2007-5000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5000"
    },
    {
      "name": "CVE-2008-1089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1089"
    },
    {
      "name": "CVE-2008-0005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0005"
    },
    {
      "name": "CVE-2007-4768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4768"
    },
    {
      "name": "CVE-2008-0059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0059"
    },
    {
      "name": "CVE-2008-1000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1000"
    },
    {
      "name": "CVE-2007-1660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1660"
    },
    {
      "name": "CVE-2007-4568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4568"
    },
    {
      "name": "CVE-2007-3378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3378"
    },
    {
      "name": "CVE-2008-0052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0052"
    },
    {
      "name": "CVE-2008-0990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0990"
    },
    {
      "name": "CVE-2008-0995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0995"
    },
    {
      "name": "CVE-2007-0898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0898"
    },
    {
      "name": "CVE-2007-5266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5266"
    },
    {
      "name": "CVE-2008-0055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0055"
    },
    {
      "name": "CVE-2007-1997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1997"
    },
    {
      "name": "CVE-2007-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1659"
    },
    {
      "name": "CVE-2007-6337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6337"
    },
    {
      "name": "CVE-2008-0044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0044"
    },
    {
      "name": "CVE-2008-0045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0045"
    },
    {
      "name": "CVE-2007-5971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5971"
    },
    {
      "name": "CVE-2008-0046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0046"
    },
    {
      "name": "CVE-2008-0047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0047"
    },
    {
      "name": "CVE-2007-6335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6335"
    },
    {
      "name": "CVE-2007-5267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5267"
    },
    {
      "name": "CVE-2007-3725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3725"
    },
    {
      "name": "CVE-2008-0054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0054"
    },
    {
      "name": "CVE-2008-0996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0996"
    },
    {
      "name": "CVE-2007-5268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5268"
    },
    {
      "name": "CVE-2007-6203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6203"
    },
    {
      "name": "CVE-2008-0051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0051"
    },
    {
      "name": "CVE-2007-3799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3799"
    },
    {
      "name": "CVE-2008-0048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0048"
    },
    {
      "name": "CVE-2007-1662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1662"
    },
    {
      "name": "CVE-2006-3334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3334"
    },
    {
      "name": "CVE-2008-0998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0998"
    },
    {
      "name": "CVE-2007-0897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0897"
    },
    {
      "name": "CVE-2008-0318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0318"
    },
    {
      "name": "CVE-2007-6429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6429"
    },
    {
      "name": "CVE-2007-4510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4510"
    },
    {
      "name": "CVE-2007-5269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5269"
    },
    {
      "name": "CVE-2007-5795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5795"
    },
    {
      "name": "CVE-2008-0006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0006"
    },
    {
      "name": "CVE-2008-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0062"
    },
    {
      "name": "CVE-2008-0728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0728"
    },
    {
      "name": "CVE-2007-2445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2445"
    },
    {
      "name": "CVE-2008-0049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0049"
    },
    {
      "name": "CVE-2007-1745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1745"
    },
    {
      "name": "CVE-2007-6427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6427"
    },
    {
      "name": "CVE-2008-0987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0987"
    },
    {
      "name": "CVE-2008-0993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0993"
    },
    {
      "name": "CVE-2008-0988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0988"
    },
    {
      "name": "CVE-2008-0056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0056"
    },
    {
      "name": "CVE-2008-0992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0992"
    },
    {
      "name": "CVE-2006-5793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5793"
    },
    {
      "name": "CVE-2007-6428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6428"
    },
    {
      "name": "CVE-2008-0989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0989"
    },
    {
      "name": "CVE-2005-3352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3352"
    },
    {
      "name": "CVE-2008-0053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0053"
    },
    {
      "name": "CVE-2007-4767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4767"
    },
    {
      "name": "CVE-2008-0050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0050"
    },
    {
      "name": "CVE-2007-5958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5958"
    },
    {
      "name": "CVE-2006-6481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6481"
    },
    {
      "name": "CVE-2008-0994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0994"
    },
    {
      "name": "CVE-2007-6421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6421"
    },
    {
      "name": "CVE-2008-0058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0058"
    },
    {
      "name": "CVE-2007-4752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4752"
    },
    {
      "name": "CVE-2008-0999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0999"
    },
    {
      "name": "CVE-2007-4560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4560"
    },
    {
      "name": "CVE-2007-4990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4990"
    },
    {
      "name": "CVE-2007-4766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4766"
    },
    {
      "name": "CVE-2007-6388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6388"
    },
    {
      "name": "CVE-2008-0596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0596"
    },
    {
      "name": "CVE-2007-4887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4887"
    }
  ],
  "initial_release_date": "2008-03-19T00:00:00",
  "last_revision_date": "2008-03-19T00:00:00",
  "links": [],
  "reference": "CERTA-2008-AVI-148",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-03-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 307562 du 18 mars 2008",
      "url": "http://docs.info.apple.com/article.html?artnum=307562"
    }
  ]
}

CERTA-2007-AVI-551

Vulnerability from certfr_avis

None

Description

De multiples vulnérabilités ont été découvertes dans les systèmes d'exploitation Apple Mac OS X. L'exploitation de ces vulnérabilités permettent à une personne malveillante d'exécuter diverses actions dont l'exécution de code arbitraire à distance, l'atteinte à l'intégrité des données, l'élévation de privilèges ou le contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Mac OS X version 10.5.1 et antérieures.
	Apple	N/A	Mac OS X version 10.4.11 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 307179 du 12 décembre 2007

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X version 10.5.1 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X version 10.4.11 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les syst\u00e8mes\nd\u0027exploitation Apple Mac OS X. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s\npermettent \u00e0 une personne malveillante d\u0027ex\u00e9cuter diverses actions dont\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance, l\u0027atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es, l\u0027\u00e9l\u00e9vation de privil\u00e8ges ou le contournement de la politique\nde s\u00e9curit\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-4710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4710"
    },
    {
      "name": "CVE-2007-1661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1661"
    },
    {
      "name": "CVE-2007-5857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5857"
    },
    {
      "name": "CVE-2007-4351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4351"
    },
    {
      "name": "CVE-2007-4768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4768"
    },
    {
      "name": "CVE-2007-1660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1660"
    },
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    },
    {
      "name": "CVE-2007-5851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5851"
    },
    {
      "name": "CVE-2007-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1659"
    },
    {
      "name": "CVE-2007-5476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5476"
    },
    {
      "name": "CVE-2007-3876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3876"
    },
    {
      "name": "CVE-2007-4708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4708"
    },
    {
      "name": "CVE-2007-5853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5853"
    },
    {
      "name": "CVE-2007-5398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5398"
    },
    {
      "name": "CVE-2007-1218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1218"
    },
    {
      "name": "CVE-2007-5848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5848"
    },
    {
      "name": "CVE-2007-5770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5770"
    },
    {
      "name": "CVE-2007-1662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1662"
    },
    {
      "name": "CVE-2007-4709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4709"
    },
    {
      "name": "CVE-2007-5863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5863"
    },
    {
      "name": "CVE-2007-3798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3798"
    },
    {
      "name": "CVE-2006-0024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
    },
    {
      "name": "CVE-2007-5849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5849"
    },
    {
      "name": "CVE-2007-5858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5858"
    },
    {
      "name": "CVE-2007-4131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4131"
    },
    {
      "name": "CVE-2007-6165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6165"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    },
    {
      "name": "CVE-2007-5855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5855"
    },
    {
      "name": "CVE-2007-5854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5854"
    },
    {
      "name": "CVE-2007-4965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4965"
    },
    {
      "name": "CVE-2007-5856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5856"
    },
    {
      "name": "CVE-2007-5850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5850"
    },
    {
      "name": "CVE-2007-5859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5859"
    },
    {
      "name": "CVE-2007-5861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5861"
    },
    {
      "name": "CVE-2007-5860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5860"
    },
    {
      "name": "CVE-2007-4767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4767"
    },
    {
      "name": "CVE-2007-4766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4766"
    },
    {
      "name": "CVE-2007-5847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5847"
    }
  ],
  "initial_release_date": "2007-12-19T00:00:00",
  "last_revision_date": "2007-12-19T00:00:00",
  "links": [],
  "reference": "CERTA-2007-AVI-551",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 307179 du 12 d\u00e9cembre 2007",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    }
  ]
}

CERTA-2007-AVI-513

Vulnerability from certfr_avis

None

Description

La bibliothèque PCRE (Perl Compatible Regular Expressions) est un ensemble de fonctions permettant d'utiliser des expressions régulières construites sémantiquement et syntaxiquement de la même manière que les expressions régulières de Perl.

De multiples vulnérabilités ont été découvertes dans la bibliothèque PCRE. L'exploitation de ces vulnérabilités permet à un utilisateur malintentionné d'effectuer diverses actions telles que le déni de service, l'accès à des données sensibles, ou l'exécution de code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

PCRE versions antérieures à la version 7.3.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Mise à jour de sécurité d'Ubuntu du 27 novembre 2007	None	vendor-advisory
Mise à jour de sécurité Gentoo du 21 novembre 2007	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-547-1 du 27 novembre 2007 :	-	other
Bulletin de sécurité Debian DSA 1399 du 06 novembre 2007 :	-	other
Bulletin de sécurité Gentoo GLSA-200711-30 du 21 novembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003ePCRE versions ant\u00e9rieures \u00e0 la version  7.3.\u003c/p\u003e",
  "content": "## Description\n\nLa biblioth\u00e8que PCRE (Perl Compatible Regular Expressions) est un\nensemble de fonctions permettant d\u0027utiliser des expressions r\u00e9guli\u00e8res\nconstruites s\u00e9mantiquement et syntaxiquement de la m\u00eame mani\u00e8re que les\nexpressions r\u00e9guli\u00e8res de Perl.\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans la biblioth\u00e8que\nPCRE. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s permet \u00e0 un utilisateur\nmalintentionn\u00e9 d\u0027effectuer diverses actions telles que le d\u00e9ni de\nservice, l\u0027acc\u00e8s \u00e0 des donn\u00e9es sensibles, ou l\u0027ex\u00e9cution de code\narbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-1661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1661"
    },
    {
      "name": "CVE-2006-7230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7230"
    },
    {
      "name": "CVE-2007-4768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4768"
    },
    {
      "name": "CVE-2007-1660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1660"
    },
    {
      "name": "CVE-2007-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1659"
    },
    {
      "name": "CVE-2006-7227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7227"
    },
    {
      "name": "CVE-2006-7228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7228"
    },
    {
      "name": "CVE-2007-1662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1662"
    },
    {
      "name": "CVE-2007-4767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4767"
    },
    {
      "name": "CVE-2007-4766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4766"
    }
  ],
  "initial_release_date": "2007-11-30T00:00:00",
  "last_revision_date": "2007-11-30T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-547-1 du 27 novembre 2007 :",
      "url": "http://www.ubuntulinux.org/usn/usn-547-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1399 du 06 novembre 2007 :",
      "url": "http://www.debian.org/security/2007/dsa-1399"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200711-30 du 21 novembre    2007 :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-30.xml"
    }
  ],
  "reference": "CERTA-2007-AVI-513",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-11-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s de la biblioth\u00e8que PCRE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 d\u0027Ubuntu du 27 novembre 2007",
      "url": null
    },
    {
      "published_at": null,
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Gentoo du 21 novembre 2007",
      "url": null
    }
  ]
}

fkie_cve-2007-4767

Vulnerability from fkie_nvd

Published

2007-11-07 23:46

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://bugs.gentoo.org/show_bug.cgi?id=198976
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=307179
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=307562
cve@mitre.org	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
cve@mitre.org	http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
cve@mitre.org	http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html
cve@mitre.org	http://secunia.com/advisories/27538
cve@mitre.org	http://secunia.com/advisories/27543
cve@mitre.org	http://secunia.com/advisories/27554
cve@mitre.org	http://secunia.com/advisories/27697
cve@mitre.org	http://secunia.com/advisories/27741
cve@mitre.org	http://secunia.com/advisories/27773
cve@mitre.org	http://secunia.com/advisories/28136
cve@mitre.org	http://secunia.com/advisories/28406
cve@mitre.org	http://secunia.com/advisories/28414
cve@mitre.org	http://secunia.com/advisories/28714
cve@mitre.org	http://secunia.com/advisories/28720
cve@mitre.org	http://secunia.com/advisories/29267
cve@mitre.org	http://secunia.com/advisories/29420
cve@mitre.org	http://secunia.com/advisories/30106
cve@mitre.org	http://secunia.com/advisories/30155
cve@mitre.org	http://secunia.com/advisories/30219
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200711-30.xml
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200801-02.xml
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200801-18.xml
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200801-19.xml
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200805-11.xml
cve@mitre.org	http://www.debian.org/security/2007/dsa-1399
cve@mitre.org	http://www.debian.org/security/2008/dsa-1570
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2007:211
cve@mitre.org	http://www.novell.com/linux/security/advisories/2007_62_pcre.html
cve@mitre.org	http://www.pcre.org/changelog.txt
cve@mitre.org	http://www.securityfocus.com/archive/1/483357/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/483579/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/26346
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3725
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3790
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4238
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0924/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/38277
cve@mitre.org	https://issues.rpath.com/browse/RPL-1738
cve@mitre.org	https://usn.ubuntu.com/547-1/
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html
af854a3a-2127-422b-91ae-364da2661108	http://bugs.gentoo.org/show_bug.cgi?id=198976
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307179
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307562
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27538
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27543
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27554
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27697
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27741
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27773
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28136
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28406
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28414
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28714
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28720
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29267
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29420
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30106
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30155
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30219
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200711-30.xml
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200801-02.xml
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200801-18.xml
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200801-19.xml
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200805-11.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1399
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1570
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:211
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_62_pcre.html
af854a3a-2127-422b-91ae-364da2661108	http://www.pcre.org/changelog.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/483357/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/483579/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26346
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3725
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3790
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4238
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0924/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38277
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1738
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/547-1/
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html

Impacted products

Vendor	Product	Version
pcre	pcre	*
pcre	pcre	*
pcre	pcre	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "546807AB-6BF5-4A4C-A3E4-516C982BA751",
              "versionEndIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C79718A-3ECF-4A5B-8C4D-B3458521248B",
              "versionEndIncluding": "6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4523717D-521B-48D3-9664-07489B886917",
              "versionEndIncluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \\p sequence, (2) a \\P sequence, or (3) a \\P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "La librer\u00eda Perl-Compatible Regular Expression (PCRE) anterior a 7.3 no computa adecuadamente la longitud de (1) una secuencia \\p, (2) una secuencia \\P, o (3) una secuencia \\P{x}, lo cual permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (bucle infinito o ca\u00edda) o ejecutar c\u00f3digo de su elecci\u00f3n."
    }
  ],
  "id": "CVE-2007-4767",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-07T23:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=307562"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27538"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27543"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27554"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27697"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27741"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27773"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28406"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28414"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28714"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28720"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/29267"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/29420"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/30106"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/30155"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/30219"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2007/dsa-1399"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2008/dsa-1570"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.pcre.org/changelog.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/483357/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/483579/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26346"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3725"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3790"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0924/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38277"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://issues.rpath.com/browse/RPL-1738"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/547-1/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=307562"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27538"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27543"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27741"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27773"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28720"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29267"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29420"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30106"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1399"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1570"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.pcre.org/changelog.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483357/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483579/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26346"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0924/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38277"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1738"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/547-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2007-4767

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2007-4767

Aliases

CVE-2007-4767

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-4767",
    "description": "Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \\p sequence, (2) a \\P sequence, or (3) a \\P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code.",
    "id": "GSD-2007-4767",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-4767.html",
      "https://www.debian.org/security/2008/dsa-1570",
      "https://www.debian.org/security/2007/dsa-1399"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-4767"
      ],
      "details": "Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \\p sequence, (2) a \\P sequence, or (3) a \\P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code.",
      "id": "GSD-2007-4767",
      "modified": "2023-12-13T01:21:36.398578Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-4767",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \\p sequence, (2) a \\P sequence, or (3) a \\P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "30219",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30219"
          },
          {
            "name": "29267",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29267"
          },
          {
            "name": "USN-547-1",
            "refsource": "UBUNTU",
            "url": "https://usn.ubuntu.com/547-1/"
          },
          {
            "name": "GLSA-200711-30",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
          },
          {
            "name": "ADV-2007-4238",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "20071106 rPSA-2007-0231-1 pcre",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/483357/100/0/threaded"
          },
          {
            "name": "TA07-352A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "27538",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27538"
          },
          {
            "name": "20071112 FLEA-2007-0064-1 pcre",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/483579/100/0/threaded"
          },
          {
            "name": "28136",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28136"
          },
          {
            "name": "DSA-1570",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2008/dsa-1570"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1738",
            "refsource": "CONFIRM",
            "url": "https://issues.rpath.com/browse/RPL-1738"
          },
          {
            "name": "27773",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27773"
          },
          {
            "name": "27697",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27697"
          },
          {
            "name": "28406",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28406"
          },
          {
            "name": "27554",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27554"
          },
          {
            "name": "ADV-2008-0924",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0924/references"
          },
          {
            "name": "27543",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27543"
          },
          {
            "name": "[gtk-devel-list] 20071107 GLib 2.14.3",
            "refsource": "MLIST",
            "url": "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html"
          },
          {
            "name": "29420",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29420"
          },
          {
            "name": "APPLE-SA-2007-12-17",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "name": "GLSA-200805-11",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
          },
          {
            "name": "APPLE-SA-2008-03-18",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
          },
          {
            "name": "MDKSA-2007:211",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211"
          },
          {
            "name": "FEDORA-2008-1842",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=307179",
            "refsource": "CONFIRM",
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "27741",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27741"
          },
          {
            "name": "ADV-2007-3790",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/3790"
          },
          {
            "name": "ADV-2007-3725",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/3725"
          },
          {
            "name": "SUSE-SA:2007:062",
            "refsource": "SUSE",
            "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
          },
          {
            "name": "http://www.pcre.org/changelog.txt",
            "refsource": "CONFIRM",
            "url": "http://www.pcre.org/changelog.txt"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=307562",
            "refsource": "CONFIRM",
            "url": "http://docs.info.apple.com/article.html?artnum=307562"
          },
          {
            "name": "30155",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30155"
          },
          {
            "name": "pcre-p-sequence-bo(38277)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38277"
          },
          {
            "name": "28720",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28720"
          },
          {
            "name": "GLSA-200801-02",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
          },
          {
            "name": "http://bugs.gentoo.org/show_bug.cgi?id=198976",
            "refsource": "MISC",
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
          },
          {
            "name": "GLSA-200801-19",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
          },
          {
            "name": "GLSA-200801-18",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
          },
          {
            "name": "DSA-1399",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2007/dsa-1399"
          },
          {
            "name": "28414",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28414"
          },
          {
            "name": "26346",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/26346"
          },
          {
            "name": "30106",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30106"
          },
          {
            "name": "28714",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28714"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4767"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \\p sequence, (2) a \\P sequence, or (3) a \\P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.pcre.org/changelog.txt",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.pcre.org/changelog.txt"
            },
            {
              "name": "DSA-1399",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2007/dsa-1399"
            },
            {
              "name": "[gtk-devel-list] 20071107 GLib 2.14.3",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1738",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.rpath.com/browse/RPL-1738"
            },
            {
              "name": "GLSA-200711-30",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
            },
            {
              "name": "MDKSA-2007:211",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211"
            },
            {
              "name": "SUSE-SA:2007:062",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
            },
            {
              "name": "26346",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/26346"
            },
            {
              "name": "27538",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27538"
            },
            {
              "name": "27543",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27543"
            },
            {
              "name": "27554",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27554"
            },
            {
              "name": "27741",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27741"
            },
            {
              "name": "27773",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27773"
            },
            {
              "name": "27697",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27697"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307179",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=307179"
            },
            {
              "name": "APPLE-SA-2007-12-17",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
            },
            {
              "name": "TA07-352A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
            },
            {
              "name": "28136",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/28136"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=198976",
              "refsource": "MISC",
              "tags": [],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
            },
            {
              "name": "GLSA-200801-02",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
            },
            {
              "name": "28406",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/28406"
            },
            {
              "name": "28414",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/28414"
            },
            {
              "name": "GLSA-200801-18",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
            },
            {
              "name": "GLSA-200801-19",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
            },
            {
              "name": "28714",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/28714"
            },
            {
              "name": "28720",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/28720"
            },
            {
              "name": "FEDORA-2008-1842",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html"
            },
            {
              "name": "29267",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29267"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307562",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=307562"
            },
            {
              "name": "APPLE-SA-2008-03-18",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
            },
            {
              "name": "29420",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29420"
            },
            {
              "name": "GLSA-200805-11",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
            },
            {
              "name": "30155",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30155"
            },
            {
              "name": "30219",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30219"
            },
            {
              "name": "30106",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30106"
            },
            {
              "name": "DSA-1570",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2008/dsa-1570"
            },
            {
              "name": "ADV-2007-4238",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/4238"
            },
            {
              "name": "ADV-2007-3790",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/3790"
            },
            {
              "name": "ADV-2007-3725",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/3725"
            },
            {
              "name": "ADV-2008-0924",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0924/references"
            },
            {
              "name": "pcre-p-sequence-bo(38277)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38277"
            },
            {
              "name": "USN-547-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "https://usn.ubuntu.com/547-1/"
            },
            {
              "name": "20071112 FLEA-2007-0064-1 pcre",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/483579/100/0/threaded"
            },
            {
              "name": "20071106 rPSA-2007-0231-1 pcre",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/483357/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-15T21:37Z",
      "publishedDate": "2007-11-07T23:46Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-4767 (GCVE-0-2007-4767)

Vulnerability from cvelistv5

ghsa-9cw9-v886-c24m

Vulnerability from github

CERTA-2008-AVI-148

Vulnerability from certfr_avis

Description

Solution

CERTA-2007-AVI-551

Vulnerability from certfr_avis

Description

Solution

CERTA-2007-AVI-513

Vulnerability from certfr_avis

Description

Solution

fkie_cve-2007-4767

Vulnerability from fkie_nvd

gsd-2007-4767

Vulnerability from gsd

Tags

Sightings

Nomenclature