Show filters
333 Total Results
Displaying 221-230 of 333
Sort by:
Attacker Value
Unknown
CVE-2008-2371
Disclosure Date: July 07, 2008 (last updated October 04, 2023)
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.
0
Attacker Value
Unknown
CVE-2008-2827
Disclosure Date: June 23, 2008 (last updated October 04, 2023)
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
0
Attacker Value
Unknown
CVE-2008-2292
Disclosure Date: May 18, 2008 (last updated October 04, 2023)
Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).
0
Attacker Value
Unknown
CVE-2008-1927
Disclosure Date: April 24, 2008 (last updated October 04, 2023)
Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.
0
Attacker Value
Unknown
CVE-2006-7226
Disclosure Date: December 03, 2007 (last updated October 04, 2023)
Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of service (error or crash).
0
Attacker Value
Unknown
CVE-2006-7225
Disclosure Date: December 03, 2007 (last updated October 04, 2023)
Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to cause a denial of service (error or crash) via a regular expression that involves a "malformed POSIX character class", as demonstrated via an invalid character after a [[ sequence.
0
Attacker Value
Unknown
CVE-2006-7230
Disclosure Date: November 15, 2007 (last updated October 04, 2023)
Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service (PCRE or glibc crash) via crafted regular expressions.
0
Attacker Value
Unknown
CVE-2006-7228
Disclosure Date: November 14, 2007 (last updated February 13, 2023)
Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.
0
Attacker Value
Unknown
CVE-2006-7227
Disclosure Date: November 14, 2007 (last updated February 13, 2023)
Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns (name_count) or long subpattern names (max_name_size), which triggers a buffer overflow. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.
0
Attacker Value
Unknown
CVE-2007-4766
Disclosure Date: November 07, 2007 (last updated October 04, 2023)
Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via unspecified escape (backslash) sequences.
0