CVSS: 7.5EPSS: 1%CPEs: 52EXPL: 0CVE-2006-7225 – pcre miscalculation of memory requirements for malformed Posix character class
https://notcve.org/view.php?id=CVE-2006-7225
03 Dec 2007 — Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to cause a denial of service (error or crash) via a regular expression that involves a "malformed POSIX character class", as demonstrated via an invalid character after a [[ sequence. La biblioteca Perl-Compatible Regular Expression (PCRE) versiones anteriores a 6.7 permite a atacantes locales o remotos dependientes del contexto provocar una denegación de servicio (error o caída) mediante una expresión regular qu... • http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2006-7230 – pcre miscalculation of memory requirements if options are changed during pattern compilation
https://notcve.org/view.php?id=CVE-2006-7230
15 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service (PCRE or glibc crash) via crafted regular expressions. La librería Perl-Compatible Regular Expression (PCRE) anterior a 7.0 no calcula adecuadamente la cantidad de memoria necesaria para un patrón de expresión regula... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2006-7227 – pcre integer overflow
https://notcve.org/view.php?id=CVE-2006-7227
14 Nov 2007 — Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns (name_count) or long subpattern names (max_name_size), which triggers a buffer overflow. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split. Desbordamiento de entero en la librería Perl-Compatible Regular Expression (PCRE) anterior a 6.7 permite a a... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2006-7228 – pcre integer overflow
https://notcve.org/view.php?id=CVE-2006-7228
14 Nov 2007 — Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split. Desbordamiento de entero en librería Perl-Compatible Regu... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2007-1659 – pcre regular expression flaws
https://notcve.org/view.php?id=CVE-2007-1659
07 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes. La biblioteca Perl-Compatible Regular Expression (PCRE) anterior a la versión 7.3 permite a los atacantes dependiendo del contexto causar una denegación de servicio (bloqueo) y posiblemente ejecutar código arbitrario por medio de patrones regex que contienen sec... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2007-1660 – pcre regular expression flaws
https://notcve.org/view.php?id=CVE-2007-1660
07 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code. La biblioteca Perl-Compatible Regular Expression (PCRE) anterior a la versión 7.0 no calcula apropiadamente los tamaños de las "multiple forms of character class" no especificadas, lo que desencadena un desbordamiento... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2007-1662
https://notcve.org/view.php?id=CVE-2007-1662
07 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service (crash), possibly involving forward references. La librería Perl-Compatible Regular Expression (PCRE) anterior a 7.3 lee más allá del final de una cadena cuando busca corchetes no coincidentes y paréntesis, lo cual permite a atacantes locales o remotos (dependiendo del contexto) provocar una ... • http://bugs.gentoo.org/show_bug.cgi?id=198976 •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2007-4766
https://notcve.org/view.php?id=CVE-2007-4766
07 Nov 2007 — Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via unspecified escape (backslash) sequences. Múltiples desbordamientos de entero en la librería Perl-Compatible Regular Expression (PCRE) naterior a 7.3 permiten a atacantes locales o remotos (dependiendo del contexto) provocar una denegación de servicio (caída) o ejecutar código de su elección mediante secuencias de esca... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2007-4767
https://notcve.org/view.php?id=CVE-2007-4767
07 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \p sequence, (2) a \P sequence, or (3) a \P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code. La librería Perl-Compatible Regular Expression (PCRE) anterior a 7.3 no computa adecuadamente la longitud de (1) una secuencia \p, (2) una secuencia \P, o (3) una secuencia \P{x}, lo cual permite a atacantes dependientes de co... • http://bugs.gentoo.org/show_bug.cgi?id=198976 •
CVSS: 9.8EPSS: 12%CPEs: 3EXPL: 0CVE-2007-4768 – : pcre before 7.3 incorrect unicode in char class optimization
https://notcve.org/view.php?id=CVE-2007-4768
07 Nov 2007 — Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized. Desbordamiento de búfer basado en montículo en la librería Perl-Compatible Regular Expression (PCRE) anterior a 7.3 permite a atacantes locales o remotos (dependiendo del contexto) ejecutar código de su elección mediante una secuencia de caracteres Unico... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •