National Vulnerability Database (NVD) National Vulnerability Database (CVE-2008-0674)

National Cyber-Alert System

Vulnerability Summary for CVE-2008-0674

Original release date:02/18/2008

Last revised:08/13/2009

Source: US-CERT/NIST

Overview

Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type:Provides unauthorized access, Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

Vendor Statments (disclaimer)

Official Statement from Red Hat (02/20/2008): Not vulnerable. This issue did not affect the versions of PCRE as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA09-218A

Name: TA09-218A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA09-218A.html

External Source: CONFIRM

Name: https://bugzilla.redhat.com/show_bug.cgi?id=431660

Hyperlink:https://bugzilla.redhat.com/show_bug.cgi?id=431660

External Source: VUPEN

Name: ADV-2009-2172

Hyperlink:http://www.vupen.com/english/advisories/2009/2172

External Source: SECTRACK

Name: 1022674

Hyperlink:http://www.securitytracker.com/id?1022674

External Source: BID

Name: 31681

Hyperlink:http://www.securityfocus.com/bid/31681

External Source: VUPEN

Name: ADV-2008-2780

Hyperlink:http://www.frsirt.com/english/advisories/2008/2780

External Source: VUPEN

Name: ADV-2008-2268

Hyperlink:http://www.frsirt.com/english/advisories/2008/2268

External Source: VUPEN

Name: ADV-2008-0570

Hyperlink:http://www.frsirt.com/english/advisories/2008/0570

External Source: CONFIRM

Name: http://support.apple.com/kb/HT3757

Hyperlink:http://support.apple.com/kb/HT3757

External Source: CONFIRM

Name: http://support.apple.com/kb/HT3216

Hyperlink:http://support.apple.com/kb/HT3216

External Source: SECUNIA

Name: 36096

Hyperlink:http://secunia.com/advisories/36096

External Source: SECUNIA

Name: 32222

Hyperlink:http://secunia.com/advisories/32222

External Source: SECUNIA

Name: 31326

Hyperlink:http://secunia.com/advisories/31326

External Source: CONFIRM

Name: http://pcre.org/changelog.txt

Hyperlink:http://pcre.org/changelog.txt

External Source: APPLE

Name: APPLE-SA-2009-08-05-1

Hyperlink:http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html

External Source: APPLE

Name: APPLE-SA-2008-10-09

Hyperlink:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html

External Source: APPLE

Name: APPLE-SA-2008-07-31

Hyperlink:http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html

External Source: FEDORA

Name: FEDORA-2008-1842

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html

External Source: FEDORA

Name: FEDORA-2008-1783

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00632.html

External Source: FEDORA

Name: FEDORA-2008-1533

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00371.html

External Source: CONFIRM

Name: https://issues.rpath.com/browse/RPL-2503

Hyperlink:https://issues.rpath.com/browse/RPL-2503

External Source: CONFIRM

Name: https://issues.rpath.com/browse/RPL-2223

Hyperlink:https://issues.rpath.com/browse/RPL-2223

External Source: XF

Name: pcre-characterclass-bo(40505)

Hyperlink:http://xforce.iss.net/xforce/xfdb/40505

External Source: UBUNTU

Name: USN-581-1

Hyperlink:http://www.ubuntulinux.org/support/documentation/usn/usn-581-1

External Source: BID

Name: 29009

Hyperlink:http://www.securityfocus.com/bid/29009

External Source: BID

Name: 27786

Hyperlink:http://www.securityfocus.com/bid/27786

External Source: BUGTRAQ

Name: 20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/492535/100/0/threaded

External Source: BUGTRAQ

Name: 20080228 rPSA-2008-0086-1 pcre

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/488927/100/0/threaded

External Source: CONFIRM

Name: http://www.php.net/ChangeLog-5.php

Hyperlink:http://www.php.net/ChangeLog-5.php

External Source: MLIST

Name: [oss-security] 20080502 CVE Request (PHP)

Hyperlink:http://www.openwall.com/lists/oss-security/2008/05/02/2

External Source: MANDRIVA

Name: MDVSA-2008:053