Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2491

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2491
Last Modified 06 Sep 2011 09:41:42
Published 23 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2491

Summary

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.

Vulnerable Systems

Application

  • Pcre 5.0

  • Pcre 6.0

  • Pcre 6.1


References

SECTRACK - 1014744

VUPEN - ADV-2006-4502

VUPEN - ADV-2006-4320

VUPEN - ADV-2006-0789

VUPEN - ADV-2005-2659

VUPEN - ADV-2005-1511

BID - 14620

HP - SSRT051251

HP - SSRT090208

HP - HPSBOV02683

HP - SSRT061238

BID - 15647

FEDORA - FLSA:168516

REDHAT - RHSA-2006:0197

REDHAT - RHSA-2005:761

REDHAT - RHSA-2005:358

CONFIRM - http://www.php.net/release_4_4_1.php

SUSE - SUSE-SA:2005:052

SUSE - SUSE-SA:2005:049

SUSE - SUSE-SA:2005:048

GENTOO - GLSA-200509-19

GENTOO - GLSA-200509-12

GENTOO - GLSA-200509-02

GENTOO - GLSA-200509-08

CONFIRM - http://www.ethereal.com/appnotes/enpa-sa-00021.html

DEBIAN - DSA-821

DEBIAN - DSA-819

DEBIAN - DSA-817

DEBIAN - DSA-800

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf

SUNALERT - 102198

SREASON - 604

SECUNIA - 22875

SECUNIA - 22691

SECUNIA - 21522

SECUNIA - 19532

SECUNIA - 19193

SECUNIA - 19072

SECUNIA - 17813

SECUNIA - 17252

SECUNIA - 16679

SECUNIA - 16502

OPENPKG - OpenPKG-SA-2005.018

SUSE - SUSE-SA:2005:051

TRUSTIX - TSLSA-2005-0059

APPLE - APPLE-SA-2005-11-29

SGI - 20060401-01-U

SCO - SCOSA-2006.10

HP - HPSBUX02074

HP - HPSBMA02159


Last Updated: 27 May 2016 10:50:02