Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4768

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-4768
Last Modified 27 Aug 2013 01:47:41
Published 07 Nov 2007 06:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4768

Summary

Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.

Vulnerable Systems

Application

  • Pcre 6.0

  • Pcre 6.1

  • Pcre 7.3


References

CERT - TA07-355A

CERT - TA07-352A

CONFIRM - https://issues.rpath.com/browse/RPL-1738

XF - pcre-class-unicode-bo(38278)

VUPEN - ADV-2008-1966

VUPEN - ADV-2008-1724

VUPEN - ADV-2008-0924

VUPEN - ADV-2007-4258

VUPEN - ADV-2007-4238

VUPEN - ADV-2007-3790

VUPEN - ADV-2007-3725

UBUNTU - USN-547-1

BID - 26346

BUGTRAQ - 20071112 FLEA-2007-0064-1 pcre

BUGTRAQ - 20071106 rPSA-2007-0231-1 pcre

REDHAT - RHSA-2007:1126

MANDRIVA - MDKSA-2007:211

GENTOO - GLSA-200801-07

DEBIAN - DSA-1570

DEBIAN - DSA-1399

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb07-20.html

SUNALERT - 239286

SECTRACK - 1019116

GENTOO - GLSA-200801-19

GENTOO - GLSA-200801-18

GENTOO - GLSA-200801-02

GENTOO - GLSA-200711-30

SECUNIA - 30840

SECUNIA - 30106

SECUNIA - 28720

SECUNIA - 28714

SECUNIA - 28570

SECUNIA - 28414

SECUNIA - 28406

SECUNIA - 28161

SECUNIA - 28157

SECUNIA - 28136

SECUNIA - 27741

SECUNIA - 27697

SECUNIA - 27554

SECUNIA - 27543

SECUNIA - 27538

MLIST - [gtk-devel-list] 20071107 GLib 2.14.3

APPLE - APPLE-SA-2007-12-17

CONFIRM - http://docs.info.apple.com/article.html?artnum=307179

MISC - http://bugs.gentoo.org/show_bug.cgi?id=198976

FEDORA - FEDORA-2008-1842

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb08-13.html

SUNALERT - 238305

GENTOO - GLSA-200805-11

SECUNIA - 30507

SECUNIA - 30219

SECUNIA - 30155

SECUNIA - 29420

SECUNIA - 29267

SECUNIA - 28213

SUSE - SUSE-SA:2007:069

APPLE - APPLE-SA-2008-03-18

CONFIRM - http://docs.info.apple.com/article.html?artnum=307562

Related Patches

Apple 2007-12-17 Security Update 2007-009 (10.4.11 PPC)

Apple 2007-12-21 Security Update 2007-009 1.1 (10.4.11 PPC)

Apple 2007-12-21 Security Update 2007-009 1.1 (10.4.11 Universal)

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Leopard)

Apple 2008-03-26 Security Update 2008-002 v1.1 Server (Leopard) (Rev 2)

Apple 2008-03-26 Security Update 2008-002 v1.1 Client (Leopard) (Rev 2)

Adobe Acrobat 7.1.0 Update for Mac

Adobe APSB07-20 Flash Player 9.0.r115 for IE (Upgrade) (All Languages)

Adobe Flash Player 9.0.115 for Mac OS X (PPC)

Adobe Flash Player 9.0.115 for Mac OS X (Universal)

Adobe Reader 8.1.2 Update for Macintosh (PPC) (Rev 2)

Adobe Reader 8.1.2 Update (See Note) (Rev 6)


Last Updated: 27 May 2016 10:45:58