Your submission was sent successfully! Close

CVE-2008-2371

Published: 7 July 2008

Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.

Priority

Low

Status

Package Release Status
erlang
Launchpad, Ubuntu, Debian
dapper Not vulnerable
(code-not-present)
hardy Not vulnerable
(code-not-present)
intrepid
Released (1:12.b.3-dfsg-1ubuntu1.1)
jaunty
Released (1:12.b.5-dfsg-2ubuntu0.1)
karmic
Released (1:13.b.1-dfsg-2ubuntu1.1)
upstream Needs triage

pcre3
Launchpad, Ubuntu, Debian
dapper
Released (7.4-0ubuntu0.6.06.3)
feisty
Released (7.4-0ubuntu0.7.04.3)
gutsy
Released (7.4-0ubuntu0.7.10.3)
hardy
Released (7.4-1ubuntu2.1)
intrepid
Released (7.6-2.1ubuntu1)
jaunty Not vulnerable

karmic Not vulnerable

upstream
Released (7.7)
php5
Launchpad, Ubuntu, Debian
dapper Not vulnerable

feisty Not vulnerable

gutsy
Released (5.2.3-1ubuntu6.4)
hardy
Released (5.2.4-2ubuntu5.3)
intrepid Not vulnerable
(library is not built in Debian)
jaunty Not vulnerable

karmic Not vulnerable

upstream Needed