CVE-2007-4768

Name of the Vulnerable Software and Affected Versions libpcrecpp0 versions prior to 7.3 libpcre3 versions prior to 7.3 libpcre versions prior to 7.3-r1 pcregrep versions prior to 7.3 libpcre3-dev versions prior to 7.3

Description The issue involves multiple vulnerabilities in the PCRE library, which can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Specifically, a heap-based buffer overflow in the Perl-Compatible Regular Expression (PCRE) library before version 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.

Recommendations For libpcrecpp0 versions prior to 7.3, update to version 7.3 or later. For libpcre3 versions prior to 7.3, update to version 7.3 or later. For libpcre versions prior to 7.3-r1, update to version 7.3-r1 or later. For pcregrep versions prior to 7.3, update to version 7.3 or later. For libpcre3-dev versions prior to 7.3, update to version 7.3 or later.