CVE-2008-2371 (retired)

Priority
Description
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular
Expression (PCRE) library 7.7 allows context-dependent attackers to cause a
denial of service (crash) or possibly execute arbitrary code via a regular
expression that begins with an option and contains multiple branches.
Notes
 jdstrand> kees did pcre3 update
 jdstrand> php5 on dapper and feisty is not vulnerable
 jdstrand> jdstrand sponsored erlang update for karmic and lucid
Package
Source: pcre3 (LP Ubuntu Debian)
Upstream:released (7.7)
More Information

Updated: 2019-03-26 11:44:05 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)