Bugzilla: 315881: CVE-2007-1660 pcre regular expression flaws
The MITRE CVE dictionary describes this issue as:
Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code.
Red Hat security errata

| Platform | Errata | Release date |
|---|---|---|
| Red Hat Enterprise Linux version 2.1 (pcre) | RHSA-2007:1065 | November 29, 2007 |
| Red Hat Enterprise Linux version 2.1 (php) | RHSA-2008:0546 | July 16, 2008 |
| Red Hat Enterprise Linux version 3 (pcre) | RHSA-2007:1063 | November 29, 2007 |
| Red Hat Enterprise Linux version 4 (pcre) | RHSA-2007:0968 | November 05, 2007 |
| Red Hat Enterprise Linux version 5 (pcre) | RHSA-2007:0967 | November 05, 2007 |

Red Hat would like to thank Tavis Ormandy and Will Drewry for properly disclosing these issues.
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.