Lucene search
AmazonALAS-2015-528HistoryMay 27, 2015 - 2:03 p.m.
Low: pcre
2015-05-2714:03:00
alas.aws.amazon.com
26
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.024
Percentile
90.1%
Issue Overview:
A flaw was found in the way PCRE handled certain malformed regular expressions. This issue could cause an application linked against PCRE to crash while parsing malicious regular expressions.
Affected Packages:
pcre
Issue Correction:
Run yum update pcre to update your system.
New Packages:
i686:
pcre-devel-8.21-7.7.amzn1.i686
pcre-debuginfo-8.21-7.7.amzn1.i686
pcre-static-8.21-7.7.amzn1.i686
pcre-tools-8.21-7.7.amzn1.i686
pcre-8.21-7.7.amzn1.i686
src:
pcre-8.21-7.7.amzn1.src
x86_64:
pcre-static-8.21-7.7.amzn1.x86_64
pcre-8.21-7.7.amzn1.x86_64
pcre-debuginfo-8.21-7.7.amzn1.x86_64
pcre-devel-8.21-7.7.amzn1.x86_64
pcre-tools-8.21-7.7.amzn1.x86_64
Additional References
Red Hat: CVE-2014-8964
Mitre: CVE-2014-8964
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | pcre-devel | < 8.21-7.7.amzn1 | pcre-devel-8.21-7.7.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | pcre-debuginfo | < 8.21-7.7.amzn1 | pcre-debuginfo-8.21-7.7.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | pcre-static | < 8.21-7.7.amzn1 | pcre-static-8.21-7.7.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | pcre-tools | < 8.21-7.7.amzn1 | pcre-tools-8.21-7.7.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | pcre | < 8.21-7.7.amzn1 | pcre-8.21-7.7.amzn1.i686.rpm |
| Amazon Linux | 1 | x86_64 | pcre-static | < 8.21-7.7.amzn1 | pcre-static-8.21-7.7.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | pcre | < 8.21-7.7.amzn1 | pcre-8.21-7.7.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | pcre-debuginfo | < 8.21-7.7.amzn1 | pcre-debuginfo-8.21-7.7.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | pcre-devel | < 8.21-7.7.amzn1 | pcre-devel-8.21-7.7.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | pcre-tools | < 8.21-7.7.amzn1 | pcre-tools-8.21-7.7.amzn1.x86_64.rpm |
Related
redhat
redhat
(RHSA-2015:0330) Low: pcre security and enhancement update
2015-03-05 00:00:00
openvas
openvas
Fedora Update for pcre FEDORA-2014-16215
2014-12-20 00:00:00
Fedora Update for mingw-pcre FEDORA-2014-17642
2015-01-05 00:00:00
Fedora Update for mingw-pcre FEDORA-2014-17624
2015-01-05 00:00:00
nessus
nessus
Fedora 21 : mingw-pcre-8.35-1.fc21 (2014-17642)
2015-01-06 00:00:00
Fedora 19 : pcre-8.32-12.fc19 (2014-16224)
2014-12-22 00:00:00
Mandriva Linux Security Advisory : pcre (MDVSA-2015:002)
2015-01-06 00:00:00
archlinux
archlinux
pcre: heap buffer overflow
2014-11-26 00:00:00
mariadb-clients: denial of service
2015-05-08 00:00:00
mariadb: denial of service
2015-05-08 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: pcre-8.32-12.fc19
2014-12-19 18:27:20
[SECURITY] Fedora 19 Update: mingw-pcre-8.33-4.fc19
2015-01-05 07:40:08
[SECURITY] Fedora 20 Update: mingw-pcre-8.33-4.fc20
2015-01-05 07:33:53
debiancve
debiancve
CVE-2014-8964
2014-12-16 18:59:10
cve
cve
CVE-2014-8964
2014-12-16 18:59:10
prion
prion
Heap overflow
2014-12-16 18:59:00
securityvulns
securityvulns
PCRE buffer overflow
2015-01-13 00:00:00
[ MDVSA-2015:002 ] pcre
2015-01-13 00:00:00
[USN-2694-1] PCRE vulnerabilities
2015-08-02 00:00:00
cvelist
cvelist
CVE-2014-8964
2014-12-16 18:00:00
ubuntucve
ubuntucve
CVE-2014-8964
2014-12-16 00:00:00
mageia
mageia
Updated pcre packages fix security vulnerability
2014-12-19 18:06:35
centos
centos
pcre security update
2015-03-17 13:29:30
oraclelinux
oraclelinux
pcre security and enhancement update
2015-03-09 00:00:00
mariadbunix
mariadbunix
CVE-2014-8964
2014-12-16 18:59:10
nvd
nvd
CVE-2014-8964
2014-12-16 18:59:10
ubuntu
ubuntu
PCRE vulnerabilities
2015-07-29 00:00:00
n0where
n0where
MongoDB Security Audit: mongoaudit
2017-02-16 06:05:56
kitploit
kitploit
mongoaudit - A Powerful MongoDB Auditing and Pentesting Tool
2017-02-22 14:04:00
suse
suse
Security update for mariadb (important)
2015-07-21 16:08:23
Security update for MariaDB (important)
2015-07-09 17:08:05
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32
gentoo
gentoo
libpcre: Multiple Vulnerabilities
2016-07-09 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.024
Percentile
90.1%
Related for ALAS-2015-528