CVE-2006-7230

Publication date 15 November 2007

Last updated 24 July 2024

Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service (PCRE or glibc crash) via crafted regular expressions.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
pcre3	7.10 gutsy	Not affected
	7.04 feisty	Fixed 7.4-0ubuntu0.7.04.1
	6.10 edgy	Fixed 7.4-0ubuntu0.6.10.1
	6.06 LTS dapper	Fixed 7.4-0ubuntu0.6.06.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2006-7230