Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2371

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2371
Last Modified 30 Oct 2012 10:57:30
Published 07 Jul 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2371

Summary

Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.

Vulnerable Systems

Application

  • Pcre 7.7


References

CERT - TA09-133A

FEDORA - FEDORA-2008-6048

FEDORA - FEDORA-2008-6025

VUPEN - ADV-2010-0833

VUPEN - ADV-2009-1297

VUPEN - ADV-2008-2780

VUPEN - ADV-2008-2336

VUPEN - ADV-2008-2006

VUPEN - ADV-2008-2005

UBUNTU - USN-628-1

UBUNTU - USN-624-1

BID - 31681

BID - 30087

BUGTRAQ - 20081027 rPSA-2008-0305-1 pcre

MANDRIVA - MDVSA-2009:023

MANDRIVA - MDVSA-2008:147

GENTOO - GLSA-200807-03

DEBIAN - DSA-1602

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0305

UBUNTU - USN-624-2

CONFIRM - http://support.apple.com/kb/HT3549

CONFIRM - http://support.apple.com/kb/HT3216

SECUNIA - 39300

SECUNIA - 35650

SECUNIA - 35074

SECUNIA - 32454

SECUNIA - 32222

SECUNIA - 31200

SECUNIA - 30990

SECUNIA - 30972

SECUNIA - 30967

SECUNIA - 30961

SECUNIA - 30958

SECUNIA - 30945

SECUNIA - 30944

SECUNIA - 30916

HP - SSRT090192

HP - SSRT090085

SUSE - SUSE-SR:2008:014

APPLE - APPLE-SA-2009-05-12

APPLE - APPLE-SA-2008-10-09

CONFIRM - http://ftp.gnome.org/pub/GNOME/sources/glib/2.16/glib-2.16.4.changes

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=228091

GENTOO - GLSA-200811-05

SECUNIA - 32746

HP - HPSBUX02465

HP - HPSBUX02431

Related Patches

Apple 2008-10-09 Security Update 2008-007 Client (PPC)

Apple 2008-10-09 Security Update 2008-007 Server (PPC)

Apple 2008-10-09 Security Update 2008-007 Client (Intel)

Apple 2008-10-09 Security Update 2008-007 Server (Universal)

Apple 2008-10-09 Security Update 2008-007 Server (Leopard)

Apple 2009-05-12 Mac OS X 10.5.7 Combo Update

Apple 2009-05-12 Mac OS X Server 10.5.7 Update

Apple 2009-05-12 Mac OS X 10.5.7 Update

Apple 2009-05-12 Mac OS X Server 10.5.7 Combo Update


Last Updated: 27 May 2016 10:49:48