CVE-2007-1661
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d" and "\P{L}?\d" patterns.
La librería Perl-Compatible Regular Expression (PCRE) anterior a 7.3 vuelve demasiado atrás cuando compara determinados bytes de entrada con algunos patrones de expresiones regulares en modo no-UTF-8, lo cual permite a atacantes locales o remotos (dependiendo del contexto) obtener información sensible o provocar una denegación de servicio (caída), como se ha demostrado mediante los patrones "\X?\d" y "\P{L}?\d".
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-03-24 CVE Reserved
- 2007-11-06 CVE Published
- 2024-08-07 CVE Updated
- 2024-10-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (44)
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.debian.org/security/2007/dsa-1399 | 2018-10-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Pcre Search vendor "Pcre" | Perl-compatible Regular Expression Library Search vendor "Pcre" for product "Perl-compatible Regular Expression Library" | <= 7.2 Search vendor "Pcre" for product "Perl-compatible Regular Expression Library" and version " <= 7.2" | - |
Affected
| ||||||
Pcre Search vendor "Pcre" | Perl-compatible Regular Expression Library Search vendor "Pcre" for product "Perl-compatible Regular Expression Library" | 7.0 Search vendor "Pcre" for product "Perl-compatible Regular Expression Library" and version "7.0" | - |
Affected
| ||||||
Pcre Search vendor "Pcre" | Perl-compatible Regular Expression Library Search vendor "Pcre" for product "Perl-compatible Regular Expression Library" | 7.1 Search vendor "Pcre" for product "Perl-compatible Regular Expression Library" and version "7.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | 10.4.11 Search vendor "Apple" for product "Mac Os X" and version "10.4.11" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Mac Os X Server Search vendor "Apple" for product "Mac Os X Server" | 10.4.11 Search vendor "Apple" for product "Mac Os X Server" and version "10.4.11" | - |
Affected
|