CVE-2006-7228

Impact:
Important
Public Date:
2007-11-07
CWE:
CWE-190
Bugzilla:
383371: CVE-2006-7228 pcre integer overflow

The MITRE CVE dictionary describes this issue as:

Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.

Find out more about CVE-2006-7228 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (pcre) RHSA-2007:1059 2007-11-29
Red Hat Enterprise Linux 3 (python) RHSA-2007:1076 2007-12-10
Red Hat Enterprise Linux 2.1 (python) RHSA-2007:1077 2007-12-10
Red Hat Enterprise Linux 3 (pcre) RHSA-2007:1063 2007-11-29
Red Hat Enterprise Linux 2.1 (pcre) RHSA-2007:1065 2007-11-29
Red Hat Enterprise Linux 2.1 (php) RHSA-2008:0546 2008-07-16
Red Hat Enterprise Linux 4 (pcre) RHSA-2007:1068 2007-11-29
Red Hat Enterprise Linux 4 (python) RHSA-2007:1076 2007-12-10
Last Modified

CVE description copyright © 2017, The MITRE Corporation