FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-0674

This CVE name corresponds to:

Entered Topic
2008-02-29 pcre -- buffer overflow vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-0674 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-0674
Phase Assigned(20080211)

Description

Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.

References

Source Reference
BUGTRAQ 20080228 rPSA-2008-0086-1 pcre
BUGTRAQ 20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl
MLIST [oss-security] 20080502 CVE Request (PHP)
CONFIRM http://pcre.org/changelog.txt
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=431660
CONFIRM http://ftp.gnome.org/pub/gnome/sources/glib/2.14/glib-2.14.6.news
CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0086
CONFIRM http://wiki.rpath.com/Advisories:rPSA-2008-0086
CONFIRM http://www.php.net/ChangeLog-5.php
CONFIRM https://issues.rpath.com/browse/RPL-2223
CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
CONFIRM https://issues.rpath.com/browse/RPL-2503
CONFIRM http://support.apple.com/kb/HT3216
CONFIRM http://support.apple.com/kb/HT3757
APPLE APPLE-SA-2008-07-31
APPLE APPLE-SA-2008-10-09
APPLE APPLE-SA-2009-08-05-1
DEBIAN DSA-1499
FEDORA FEDORA-2008-1533
FEDORA FEDORA-2008-1783
FEDORA FEDORA-2008-1842
GENTOO GLSA-200803-24
GENTOO GLSA-200811-05
MANDRIVA MDVSA-2008:053
SUSE SUSE-SR:2008:004
UBUNTU USN-581-1
CERT TA09-218A
BID 27786
BID 29009
BID 31681
SECTRACK 1022674
SECUNIA 36096
SECUNIA 32746
VUPEN ADV-2008-0570
VUPEN ADV-2008-0592
VUPEN ADV-2008-1412
VUPEN ADV-2008-2268
VUPEN ADV-2008-2780
SECUNIA 28923
SECUNIA 28960
SECUNIA 28985
SECUNIA 28996
SECUNIA 28957
SECUNIA 29027
SECUNIA 29048
SECUNIA 29175
SECUNIA 29267
SECUNIA 29282
SECUNIA 30048
SECUNIA 30345
SECUNIA 31326
SECUNIA 32222
VUPEN ADV-2009-2172
XF pcre-characterclass-bo(40505)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.