CVE-2007-1662

Name of the Vulnerable Software and Affected Versions libpcre versions prior to 7.3 libpcre3 versions (affected versions not specified) libpcrecpp0 versions (affected versions not specified) pcregrep versions (affected versions not specified) libpcre3-dev versions (affected versions not specified) pgrep versions (affected versions not specified)

Description The issue concerns multiple vulnerabilities in the PCRE library, which can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely, potentially causing a denial of service (crash). The problem arises when the library reads past the end of a string while searching for unmatched brackets and parentheses, allowing context-dependent attackers to cause a crash, possibly involving forward references.

Recommendations For libpcre versions prior to 7.3, update to version 7.3 or later. For libpcre3, libpcrecpp0, pcregrep, libpcre3-dev, and pgrep, at the moment, there is no information about a newer version that contains a fix for this vulnerability.