CVE-2015-2325 – pcre: heap buffer overflow in compile_branch()
https://notcve.org/view.php?id=CVE-2015-2325
The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier. La función compile_branch en PCRE versiones anteriores a 8.37, permite a atacantes dependiendo del contexto compilar código incorrecto, causar una denegación de servicio (lectura de la pila fuera de límites y bloqueo) o posiblemente tener otro impacto no especificado por medio de una expresión regular con un grupo que contiene una referencia directa repetida una gran número de veces dentro de un grupo externo repetido que posee un cuantificador mínimo cero. • http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html https://bugs.exim.org/show_bug.cgi?id=1591 https://fortiguard.com/zeroday/FG-VD-15-015 https://www.pcre.org/original/changelog.txt https://access.redhat.com/security/cve/CVE-2015-2325 https://bugzilla.redhat.com/show_bug.cgi?id=1207198 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVE-2015-2326 – pcre: heap buffer over-read in pcre_compile2() (8.37/23)
https://notcve.org/view.php?id=CVE-2015-2326
The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/". La función pcre_compile2 en PCRE versiones anteriores a 8.37, permite a atacantes dependiendo del contexto compilar código incorrecto y causar una denegación de servicio (lectura fuera de límites) mediante una expresión regular con un grupo que contiene una llamada de subrutina de referencia directa y una referencia inversa recursiva, como es demostrado por "((? +1)(\1))/". • http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html https://bugs.exim.org/show_bug.cgi?id=1592 https://fortiguard.com/zeroday/FG-VD-15-016 https://www.pcre.org/original/changelog.txt https://access.redhat.com/security/cve/CVE-2015-2326 https://bugzilla.redhat.com/show_bug.cgi?id=1207202 • CWE-125: Out-of-bounds Read •
CVE-2014-8964 – pcre: incorrect handling of zero-repeat assertion conditions
https://notcve.org/view.php?id=CVE-2014-8964
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats. Desbordamiento de buffer basado en memoria dinámica en PCRE 8.36 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) o tener otro impacto no especificado a través de una expresión regular manipulada, relacionado con una aserción que permite cero repeticiones. A flaw was found in the way PCRE handled certain malformed regular expressions. This issue could cause an application (for example, Konqueror) linked against PCRE to crash while parsing malicious regular expressions. • http://advisories.mageia.org/MGASA-2014-0534.html http://bugs.exim.org/show_bug.cgi?id=1546 http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html http://rhn.redhat • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-1951
https://notcve.org/view.php?id=CVE-2011-1951
lib/logmatcher.c in Balabit syslog-ng before 3.2.4, when the global flag is set and when using PCRE 8.12 and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via a message that does not match a regular expression. lib/logmatcher.c en Balabit syslog-ng anterior a v3.2.4, cuando la bandera global está habilitada y cuando usa PCRE v8.12 y posiblemente otras versiones, permite a atacantes remotos provocar una denegación de servicio(consumo de memoria) a través de un mensaje que no coincide con una expresión regular. • http://git.balabit.hu/?p=bazsi/syslog-ng-3.2.git%3Ba=commit%3Bh=09710c0b105e579d35c7b5f6c66d1ea5e3a3d3ff http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062107.html http://secunia.com/advisories/45122 http://www.openwall.com/lists/oss-security/2011/05/26/1 http://www.securityfocus.com/bid/47800 https://bugzilla.redhat.com/show_bug.cgi?id=709088 • CWE-399: Resource Management Errors •
CVE-2008-2371
https://notcve.org/view.php?id=CVE-2008-2371
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. Desbordamiento de búfer basado en montículo en pcre_compile.c en la biblioteca Perl-Compatible Regular Expression (PCRE) 7.7, permite a atacantes dependientes del contexto provocar una denegación de servicio (caída) o la posibilidad de ejecutar código de su elección a través de expresiones regulares que comienzan con un opción y contienen múltiples ramas. • http://bugs.gentoo.org/show_bug.cgi?id=228091 http://ftp.gnome.org/pub/GNOME/sources/glib/2.16/glib-2.16.4.changes http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html http://marc.info/?l=bugtraq&m=124654546101607&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://secunia.com/advisories/30916& • CWE-787: Out-of-bounds Write •