CVE-2008-2371

EPSS 4.1%

pcre3 - heap-based buffer overflow

發布日:2008/7/7修改日:2026/4/28

描述

Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.

受影響套件(3)

Debian/pcre3from 0, < 7.6-2.1
Debian/pcre3from 0, < 6.7+7.4-4
Debian/pcre3from 0, < 7.4-1+lenny2

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-2371