CVE-2007-1661 (retired)

Priority
Description
Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too
far when matching certain input bytes against some regex patterns in
non-UTF-8 mode, which allows context-dependent attackers to obtain
sensitive information or cause a denial of service (crash), as demonstrated
by the "\X?\d" and "\P{L}?\d" patterns.
Assigned-to
kees
Notes
Package
Source: pcre3 (LP Ubuntu Debian)
Upstream:released (7.3)
More Information

Updated: 2019-10-09 07:06:27 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)