FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-4768

This CVE name corresponds to:

Entered Topic
2008-01-03 linux-flashplugin -- multiple vulnerabilities
2007-11-06 pcre -- arbitrary code execution

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-4768 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-4768
Phase Assigned(20070910)

Description

Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.

References

Source Reference
BUGTRAQ 20071106 rPSA-2007-0231-1 pcre
BUGTRAQ 20071112 FLEA-2007-0064-1 pcre
MLIST [gtk-devel-list] 20071107 GLib 2.14.3
MISC http://bugs.gentoo.org/show_bug.cgi?id=198976
CONFIRM https://issues.rpath.com/browse/RPL-1738
CONFIRM http://docs.info.apple.com/article.html?artnum=307179
CONFIRM http://www.adobe.com/support/security/bulletins/apsb07-20.html
CONFIRM http://docs.info.apple.com/article.html?artnum=307562
CONFIRM http://www.adobe.com/support/security/bulletins/apsb08-13.html
APPLE APPLE-SA-2007-12-17
APPLE APPLE-SA-2008-03-18
DEBIAN DSA-1399
DEBIAN DSA-1570
FEDORA FEDORA-2008-1842
GENTOO GLSA-200711-30
GENTOO GLSA-200801-02
GENTOO GLSA-200801-07
GENTOO GLSA-200801-18
GENTOO GLSA-200801-19
GENTOO GLSA-200805-11
MANDRIVA MDKSA-2007:211
REDHAT RHSA-2007:1126
SUNALERT 238305
SUNALERT 239286
SUSE SUSE-SA:2007:069
UBUNTU USN-547-1
CERT TA07-352A
CERT TA07-355A
BID 26346
OVAL oval:org.mitre.oval:def:9701
VUPEN ADV-2007-3725
VUPEN ADV-2007-3790
VUPEN ADV-2007-4238
VUPEN ADV-2007-4258
VUPEN ADV-2008-0924
VUPEN ADV-2008-1724
VUPEN ADV-2008-1966
SECTRACK 1019116
SECUNIA 27538
SECUNIA 27543
SECUNIA 27554
SECUNIA 27741
SECUNIA 27697
SECUNIA 28136
SECUNIA 28157
SECUNIA 28161
SECUNIA 28406
SECUNIA 28414
SECUNIA 28570
SECUNIA 28714
SECUNIA 28720
SECUNIA 28213
SECUNIA 29267
SECUNIA 29420
SECUNIA 30155
SECUNIA 30219
SECUNIA 30507
SECUNIA 30840
SECUNIA 30106
XF pcre-class-unicode-bo(38278)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.