Download
| Alert*
|
oval:org.secpod.oval:def:301569
Tavis Ormandy of the Google Security Team discovered a heap-based buffer overflow when compiling certain regular expression patterns. This could be used by a malicious attacker by sending a specially crafted regular expression to an application using the PCRE library, resulting in the possible execu ... oval:org.secpod.oval:def:700167 USN-624-1 fixed a vulnerability in PCRE. This update provides the corresponding update for Erlang. Original advisory details: Tavis Ormandy discovered that the PCRE library did not correctly handle certain in-pattern options. An attacker could cause applications linked against pcre3 to crash, leadin ... oval:org.mitre.oval:def:7744 Tavis Ormandy discovered that PCRE, the Perl-Compatible Regular Expression library, may encounter a heap overflow condition when compiling certain regular expressions involving in-pattern options and branches, potentially leading to arbitrary code execution. |
