Lucene search
F5F5:K17331HistorySep 29, 2015 - 12:00 a.m.
K17331 : PCRE library vulnerability CVE-2015-5073
2015-09-2900:00:00
my.f5.com
11
Security Advisory Description
Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis. (CVE-2015-5073)
Impact
A local, authenticated attacker may be able to provide malicious input in the configuration to exploit this vulnerability. There is no data plane exposure to this issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.3.0 | |
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 |
Related
cve
cve
CVE-2015-5073
2016-12-13 16:59:06
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0267)
2015-10-15 00:00:00
IPFire 2.17 - Core Update 93
2015-08-18 00:00:00
Fedora Update for pcre FEDORA-2015-12921
2015-08-14 00:00:00
nessus
nessus
FreeBSD : pcre -- Heap Overflow Vulnerability in find_fixedlength() (8a1d0e63-1e07-11e5-b43d-002590263bf5)
2015-07-21 00:00:00
F5 Networks BIG-IP : PCRE library vulnerability (K17331)
2017-03-06 00:00:00
Fedora 21 : pcre-8.35-12.fc21 (2015-11019)
2015-07-20 00:00:00
debiancve
debiancve
CVE-2015-5073
2016-12-13 16:59:06
f5
f5
SOL17331 - PCRE library vulnerability CVE-2015-5073
2015-09-29 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:34:18
Out-Of-Bounds Read
2019-05-02 06:02:24
Arbitrary Code Execution
2019-05-02 06:02:23
freebsd
freebsd
pcre -- Heap Overflow Vulnerability in find_fixedlength()
2015-06-23 00:00:00
mageia
mageia
Updated pcre package fixes security vulnerability
2015-07-05 20:22:03
prion
prion
Heap overflow
2016-12-13 16:59:00
nvd
nvd
CVE-2015-5073
2016-12-13 16:59:06
cvelist
cvelist
CVE-2015-5073
2016-12-13 16:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: pcre-8.37-2.fc22
2015-07-13 19:13:55
[SECURITY] Fedora 22 Update: pcre-8.37-3.fc22
2015-08-13 16:57:41
[SECURITY] Fedora 21 Update: pcre-8.35-12.fc21
2015-07-18 02:05:10
amazon
amazon
Medium: pcre
2023-06-05 16:39:00
Medium: glib2
2023-06-21 19:11:00
securityvulns
securityvulns
PCRE multiple security vulnerabilities
2015-08-02 00:00:00
[USN-2694-1] PCRE vulnerabilities
2015-08-02 00:00:00
ubuntucve
ubuntucve
ubuntu
ubuntu
PCRE vulnerabilities
2015-07-29 00:00:00
PCRE vulnerabilities
2016-03-29 00:00:00
oraclelinux
oraclelinux
pcre security update
2016-05-11 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in PCRE affect PowerKVM
2018-06-18 01:32:32
redhat
redhat
(RHSA-2016:1025) Important: pcre security update
2016-05-11 11:17:05
(RHSA-2016:1132) Important: rh-mariadb100-mariadb security update
2016-05-26 08:10:09
centos
centos
pcre security update
2016-05-13 00:44:08
gentoo
gentoo
libpcre: Multiple Vulnerabilities
2016-07-09 00:00:00
suse
suse
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53