Executable Regular Expression Error

ID: 624
Date: (C) 2012-05-14 (M) 2012-11-08
Type: weakness
Status: INCOMPLETE
Abstraction Type: Base

Description

The product uses a regular expression that either (1) contains an executable component with user-controlled inputs, or (2) allows a user to enable execution by inserting pattern modifiers.

Extended Description

Case (2) is possible in the PHP preg_replace() function, and possibly in other languages when a user-controlled input is inserted into a string that is later parsed as a regular expression.

Applicable Platforms
Language: PHP
Language: Perl

Time Of Introduction

  • Implementation

Common Consequences

Scope: Confidentiality, Integrity, Availability
Technical Impact: Execute unauthorized code or commands

Detection Methods
None

Potential Mitigations

Phase: Implementation
Description: The regular expression feature in some languages allows inputs to be quoted or escaped before insertion, such as \Q and \E in Perl.

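The weakness described above and the escaping mitigation, side by side in PHP, as an added example that is not part of the CWE entry or SecPod's page. It assumes a hypothetical search-and-replace feature whose needle, replacement text and modifier string all arrive from an untrusted request; the function names weak_replace, safe_literal_replace and validate_modifiers are invented for the example, while preg_quote() (PHP's counterpart to Perl's \Q...\E), preg_replace_callback() and preg_last_error() are real PHP library functions.

```php
<?php
// Added example for CWE-624 (not code from the CWE entry or from SecPod).
// Assumption: $needle, $replacement and $modifiers come from an untrusted
// request; weak_replace/safe_literal_replace/validate_modifiers are
// hypothetical names chosen for this example.

// WEAK: the untrusted needle is spliced straight into the pattern string.
// Nothing stops the input from closing the pattern early and supplying its
// own modifiers. On PHP versions that still honour the "e" modifier this
// turns the replacement argument into code that is evaluated (case (2) of the
// CWE); on any version the caller still controls metacharacters and modifiers.
function weak_replace(string $needle, string $replacement, string $subject): ?string
{
    return preg_replace('/' . $needle . '/', $replacement, $subject);
}

// Modifiers, if the feature must expose them at all, are allow-listed rather
// than passed through: "e" and anything else unexpected is rejected outright.
// \z (not $) is used so a trailing newline cannot slip past the check.
function validate_modifiers(string $requested): string
{
    if (!preg_match('/^[imsu]*\z/', $requested)) {
        throw new InvalidArgumentException('unsupported regex modifier requested');
    }
    return $requested;
}

// HARDENED: the needle is treated as literal text. preg_quote() escapes every
// regex metacharacter and, because the delimiter is passed as its second
// argument, the delimiter itself, so the input can neither terminate the
// pattern nor append modifiers. preg_replace_callback() returns the
// replacement verbatim, so "$1"/"\\1" sequences in it are not expanded and
// there is nothing for an "e" modifier to evaluate.
function safe_literal_replace(string $needle, string $replacement, string $subject, string $modifiers = ''): string
{
    $pattern = '/' . preg_quote($needle, '/') . '/' . validate_modifiers($modifiers);
    $result = preg_replace_callback(
        $pattern,
        function () use ($replacement) { return $replacement; },
        $subject
    );
    if ($result === null) {
        // preg_* functions return null on error (bad pattern, backtrack limit, ...)
        throw new RuntimeException('preg_replace_callback failed, error code ' . preg_last_error());
    }
    return $result;
}

// Constructed demo input (not taken from the CWE entry).
$subject     = 'Price: 10.00 USD (10.00 is the list price)';
$needle      = '10.00';   // "." is a regex metacharacter
$replacement = '$9.50';   // "$9" would be read as a backreference by preg_replace

echo "weak: ", weak_replace($needle, $replacement, $subject), PHP_EOL;
echo "safe: ", safe_literal_replace($needle, $replacement, $subject, 'i'), PHP_EOL;

try {
    safe_literal_replace($needle, $replacement, $subject, 'e');
} catch (InvalidArgumentException $e) {
    echo "rejected: ", $e->getMessage(), PHP_EOL;
}
```

Running the script shows the two paths diverging on ordinary data before any attack is involved: weak_replace treats the "." in the needle as a wildcard and interprets "$9" in the replacement as a group reference, while safe_literal_replace matches the needle literally and reproduces the replacement exactly. The final call demonstrates that a request asking for the "e" modifier is refused rather than silently passed into the pattern.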
Relationships

Related CWE | Type | View | Chain
CWE-624 ChildOf CWE-896 | Category | CWE-888 |

Demonstrative Examples
None

Observed Examples

  1. CVE-2006-2059 : executable regexp in PHP by inserting "e" modifier into first argument to preg_replace
  2. CVE-2005-3420 : executable regexp in PHP by inserting "e" modifier into first argument to preg_replace
  3. CVE-2006-2878 CVE-2006-2908 : complex curly syntax inserted into the replacement argument to PHP preg_replace(), which uses the "/e" modifier

White Box Definitions
None

Black Box Definitions
None

Taxonomy Mappings
None

References:
None

© 2013 SecPod Technologies