Your submission was sent successfully! Close

CVE-2007-4767

Published: 07 November 2007

Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \p sequence, (2) a \P sequence, or (3) a \P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code.

Priority

Low

Status

Package Release Status
pcre3
Launchpad, Ubuntu, Debian
Upstream
Released (7.3)