CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2007-1659 – pcre regular expression flaws
https://notcve.org/view.php?id=CVE-2007-1659
07 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes. La biblioteca Perl-Compatible Regular Expression (PCRE) anterior a la versión 7.3 permite a los atacantes dependiendo del contexto causar una denegación de servicio (bloqueo) y posiblemente ejecutar código arbitrario por medio de patrones regex que contienen sec... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2007-1660 – pcre regular expression flaws
https://notcve.org/view.php?id=CVE-2007-1660
07 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code. La biblioteca Perl-Compatible Regular Expression (PCRE) anterior a la versión 7.0 no calcula apropiadamente los tamaños de las "multiple forms of character class" no especificadas, lo que desencadena un desbordamiento... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2007-1662
https://notcve.org/view.php?id=CVE-2007-1662
07 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service (crash), possibly involving forward references. La librería Perl-Compatible Regular Expression (PCRE) anterior a 7.3 lee más allá del final de una cadena cuando busca corchetes no coincidentes y paréntesis, lo cual permite a atacantes locales o remotos (dependiendo del contexto) provocar una ... • http://bugs.gentoo.org/show_bug.cgi?id=198976 •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2007-4766
https://notcve.org/view.php?id=CVE-2007-4766
07 Nov 2007 — Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via unspecified escape (backslash) sequences. Múltiples desbordamientos de entero en la librería Perl-Compatible Regular Expression (PCRE) naterior a 7.3 permiten a atacantes locales o remotos (dependiendo del contexto) provocar una denegación de servicio (caída) o ejecutar código de su elección mediante secuencias de esca... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2007-4767
https://notcve.org/view.php?id=CVE-2007-4767
07 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \p sequence, (2) a \P sequence, or (3) a \P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code. La librería Perl-Compatible Regular Expression (PCRE) anterior a 7.3 no computa adecuadamente la longitud de (1) una secuencia \p, (2) una secuencia \P, o (3) una secuencia \P{x}, lo cual permite a atacantes dependientes de co... • http://bugs.gentoo.org/show_bug.cgi?id=198976 •
CVSS: 9.8EPSS: 12%CPEs: 3EXPL: 0CVE-2007-4768 – : pcre before 7.3 incorrect unicode in char class optimization
https://notcve.org/view.php?id=CVE-2007-4768
07 Nov 2007 — Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized. Desbordamiento de búfer basado en montículo en la librería Perl-Compatible Regular Expression (PCRE) anterior a 7.3 permite a atacantes locales o remotos (dependiendo del contexto) ejecutar código de su elección mediante una secuencia de caracteres Unico... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2005-4872 – pcre incorrect memory requirement computation
https://notcve.org/view.php?id=CVE-2005-4872
31 Dec 2005 — Perl-Compatible Regular Expression (PCRE) library before 6.2 does not properly count the number of named capturing subpatterns, which allows context-dependent attackers to cause a denial of service (crash) via a regular expression with a large number of named subpatterns, which triggers a buffer overflow. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split. • http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2005-2491 – pcre heap overflow
https://notcve.org/view.php?id=CVE-2005-2491
22 Aug 2005 — Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt •