CVE-2008-0674 : Detail

CVE-2008-0674

Overflow
60.51%V3
Network
2008-02-18
21h00 +00:00
2018-10-15
18h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Metrics

Metrics Score Severity CVSS Vector Source
V2 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Pcre>>Pcre >> Version To (including) 7.5

References

http://secunia.com/advisories/29267
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/1412
Tags : vdb-entry, x_refsource_VUPEN
http://support.apple.com/kb/HT3757
Tags : x_refsource_CONFIRM
http://secunia.com/advisories/28923
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/32746
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29048
Tags : third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200803-24.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://www.debian.org/security/2008/dsa-1499
Tags : vendor-advisory, x_refsource_DEBIAN
http://security.gentoo.org/glsa/glsa-200811-05.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/28957
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/31681
Tags : vdb-entry, x_refsource_BID
http://secunia.com/advisories/36096
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/29009
Tags : vdb-entry, x_refsource_BID
http://secunia.com/advisories/29027
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29282
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2268
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/28960
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/30345
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2008/05/02/2
Tags : mailing-list, x_refsource_MLIST
http://secunia.com/advisories/28996
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.php.net/ChangeLog-5.php
Tags : x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2008:053
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/32222
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/0592
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/29175
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1022674
Tags : vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/28985
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31326
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/27786
Tags : vdb-entry, x_refsource_BID
http://pcre.org/changelog.txt
Tags : x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/2780
Tags : vdb-entry, x_refsource_VUPEN
https://usn.ubuntu.com/581-1/
Tags : vendor-advisory, x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2008/0570
Tags : vdb-entry, x_refsource_VUPEN
http://support.apple.com/kb/HT3216
Tags : x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2009/2172
Tags : vdb-entry, x_refsource_VUPEN
http://www.us-cert.gov/cas/techalerts/TA09-218A.html
Tags : third-party-advisory, x_refsource_CERT
http://secunia.com/advisories/30048
Tags : third-party-advisory, x_refsource_SECUNIA