Lucene search
PRIOn knowledge basePRION:CVE-2015-8380HistoryDec 02, 2015 - 1:59 a.m.
Heap overflow
2015-12-0201:59:00
PRIOn knowledge base
www.prio-n.com
9
The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fedora | eq | 22 | |
| perl_compatible_regular_expression_library | le | 8.37 |
References
vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup
www.openwall.com/lists/oss-security/2015/11/29/1
www.securityfocus.com/bid/77695
blog.fuzzing-project.org/29-Heap-Overflow-in-PCRE.html
bto.bluecoat.com/security-advisory/sa128
bugs.exim.org/show_bug.cgi?id=1637
lists.fedoraproject.org/pipermail/package-announce/2015-December/173700.html
security.gentoo.org/glsa/201607-02
Related
cve
cve
CVE-2015-8380
2015-12-02 01:59:03
fedora
fedora
[SECURITY] Fedora 22 Update: pcre-8.37-7.fc22
2015-12-12 01:58:34
debiancve
debiancve
CVE-2015-8380
2015-12-02 01:59:03
nvd
nvd
CVE-2015-8380
2015-12-02 01:59:03
cvelist
cvelist
CVE-2015-8380
2015-12-02 01:00:00
nessus
nessus
Fedora 22 : pcre-8.37-7.fc22 (2015-afafa29551)
2016-03-04 00:00:00
EulerOS 2.0 SP3 : pcre (EulerOS-SA-2018-1167)
2018-06-28 00:00:00
EulerOS 2.0 SP2 : pcre (EulerOS-SA-2019-1733)
2019-07-22 00:00:00
ubuntucve
ubuntucve
CVE-2015-8380
2015-12-01 00:00:00
ibm
ibm
Security Bulletin: IBM Netezza SQL Extensions is vulnerable to an OpenSource PCRE Vulnerability (CVE-2015-8380, CVE-2015-8382, CVE-2015-8391)
2019-10-18 03:10:29
openvas
openvas
Huawei EulerOS: Security Advisory for pcre (EulerOS-SA-2019-1733)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for pcre (EulerOS-SA-2018-1167)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for pcre (EulerOS-SA-2019-1558)
2020-01-23 00:00:00
f5
f5
SOL20225390 - Multiple PCRE vulnerabilities
2016-02-04 00:00:00
K20225390 : Multiple PCRE vulnerabilities
2016-02-04 00:00:00
openwrt
openwrt
pcre: Security update (18 CVEs)
2016-01-28 12:40:02
rosalinux
rosalinux
Advisory ROSA-SA-2021-1947
2021-07-02 17:40:57
symantec
symantec
SA128 : Multiple PCRE Vulnerabilities
2016-07-07 08:00:00
gentoo
gentoo
libpcre: Multiple Vulnerabilities
2016-07-09 00:00:00
ubuntu
ubuntu
PCRE vulnerabilities
2016-03-29 00:00:00
suse
suse
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32