PT-2014-8764 · Philip Hazel+6 · Pcre+6

Published

2014-12-16

Updated

2022-08-04

CVE-2014-8964

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions PCRE versions 8.36 and earlier

Description A heap-based buffer overflow issue allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.

Recommendations For PCRE version 8.36 and earlier, update to a version later than 8.36 to resolve the issue.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2015-1467

CESA-2015_0330

CVE-2014-8964

MGASA-2014-0534

OPENSUSE-SU-2015_1216-1

OPENSUSE-SU-2024:10277-1

OPENSUSE-SU-2024:10447-1

RHSA-2015:0330

RHSA-2015_0330

SUSE-SU-2015:1273-1

SUSE-SU-2015_1273-1

SUSE-SU-2016:2971-1

SUSE-SU-2016:3161-1

SUSE-SU-2016_2971-1

SUSE-SU-2016_3161-1

SUSE-SU-2017:2699-1

SUSE-SU-2017:2700-1

USN-2694-1

Affected Products

Alt Linux

Centos

Mariadb Server

Pcre

Red Hat

Suse

Ubuntu

PT-2014-8764 · Philip Hazel+6 · Pcre+6

CVE-2014-8964

Weakness Enumeration

Related Identifiers

Affected Products

References · 210