PT-2008-2628 · Philip Hazel+1 · Pcre+1
Charlie Miller
+2
·
Publicado
2008-04-17
·
Atualizado
2018-10-11
·
CVE-2008-1026
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Safari versions prior to 3.1.1
Description
The issue is related to an integer overflow in the PCRE regular expression compiler, which can be exploited by remote attackers to execute arbitrary code. This is achieved through a regular expression with large, nested repetition counts, triggering a heap-based buffer overflow.
Recommendations
For versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Pcre
Safari