CVE-2005-2491 Information

Description

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2 as used in multiple products such as Python Ethereal and PHP allows attackers to execute arbitrary code via quantifier values in regular expressions which leads to a heap-based buffer overflow.

Reference

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U http://docs.info.apple.com/article.html?artnum=302847 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://marc.info/?l=bugtraq&m=112605112027335&w=2 http://marc.info/?l=bugtraq&m=112606064317223&w=2 http://marc.info/?l=bugtraq&m=130497311408250&w=2 http://secunia.com/advisories/16502 http://secunia.com/advisories/16679 http://secunia.com/advisories/17252 http://secunia.com/advisories/17813 http://secunia.com/advisories/19072 http://secunia.com/advisories/19193 http://secunia.com/advisories/19532 http://secunia.com/advisories/21522 http://secunia.com/advisories/22691 http://secunia.com/advisories/22875 http://securityreason.com/securityalert/604 http://securitytracker.com/id?1014744 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm http://www.debian.org/security/2005/dsa-800 http://www.debian.org/security/2005/dsa-817 http://www.debian.org/security/2005/dsa-819 http://www.debian.org/security/2005/dsa-821 http://www.ethereal.com/appnotes/enpa-sa-00021.html http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml http://www.gentoo.org/security/en/glsa/glsa-200509-08.xml http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml http://www.novell.com/linux/security/advisories/2005_48_pcre.html http://www.novell.com/linux/security/advisories/2005_49_php.html http://www.novell.com/linux/security/advisories/2005_52_apache2.html http://www.php.net/release_4_4_1.php http://www.redhat.com/support/errata/RHSA-2005-358.html http://www.redhat.com/support/errata/RHSA-2005-761.html http://www.redhat.com/support/errata/RHSA-2006-0197.html http://www.securityfocus.com/archive/1/427046/100/0/threaded http://www.securityfocus.com/archive/1/428138/100/0/threaded http://www.securityfocus.com/bid/14620 http://www.securityfocus.com/bid/15647 http://www.vupen.com/english/advisories/2005/1511 http://www.vupen.com/english/advisories/2005/2659 http://www.vupen.com/english/advisories/2006/0789 http://www.vupen.com/english/advisories/2006/4320 http://www.vupen.com/english/advisories/2006/4502 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@3Ccvs.httpd.apache.org3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@3Ccvs.httpd.apache.org3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@3Ccvs.httpd.apache.org3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@3Ccvs.httpd.apache.org3E https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11516 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1496 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1659 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A735