CVE-2008-2371
CVE-2008-2371
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugs.gentoo.org/show_bug.cgi?id=228091http://ftp.gnome.org/pub/GNOME/sources/glib/2.16/glib-2.16.4.changeshttp://lists.apple.com/archives/security-announce/2008/Oct/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.htmlhttp://marc.info/?l=bugtraq&m=124654546101607&w=2http://marc.info/?l=bugtraq&m=125631037611762&w=2http://secunia.com/advisories/30916http://secunia.com/advisories/30944http://secunia.com/advisories/30945http://secunia.com/advisories/30958http://secunia.com/advisories/30961