CVE-2005-2491

Published: 23 August 2005

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.

Priority

Status

Package	Release	Status
apache2 Launchpad, Ubuntu, Debian	dapper	Not vulnerable
	edgy	Not vulnerable
	feisty	Not vulnerable
	upstream	Needs triage
gnumeric Launchpad, Ubuntu, Debian	dapper	Not vulnerable
	edgy	Not vulnerable
	feisty	Not vulnerable
	upstream	Needs triage
pcre3 Launchpad, Ubuntu, Debian	dapper	Released (6.4-1.1ubuntu4)
	edgy	Released (6.4-1.1ubuntu4)
	feisty	Released (6.4-1.1ubuntu4)
	upstream	Needs triage
python2.2 Launchpad, Ubuntu, Debian	dapper	Released (2.2.3dfsg-4)
	edgy	Does not exist
	feisty	Does not exist
	upstream	Needs triage
python2.3 Launchpad, Ubuntu, Debian	dapper	Released (2.3.5-9ubuntu1.2)
	edgy	Does not exist
	feisty	Does not exist
	upstream	Needs triage
python2.4 Launchpad, Ubuntu, Debian	dapper	Not vulnerable
	edgy	Not vulnerable
	feisty	Not vulnerable
	upstream	Needs triage

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2005-2491

Priority

Status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading