CVE-2006-7227
CVE-2006-7227
Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns (name_count) or long subpattern names (max_name_size), which triggers a buffer overflow. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://bugs.gentoo.org/show_bug.cgi?id=198976http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.htmlhttp://scary.beasts.org/security/CESA-2007-006.htmlhttp://secunia.com/advisories/27582http://secunia.com/advisories/27741http://secunia.com/advisories/27773http://secunia.com/advisories/27869http://secunia.com/advisories/28406http://secunia.com/advisories/28414http://secunia.com/advisories/28658http://secunia.com/advisories/28714http://secunia.com/advisories/28720