FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

pcre -- regular expression buffer overflow

Affected packages
pcre < 6.2
pcre-utf8 < 6.2

Details

VuXML ID b971d2a6-1670-11da-978e-0001020eed82
Discovery 2005-08-01
Entry 2005-08-26

The pcre library is vulnerable to a buffer overflow vulnerability due to insufficient validation of quantifier values. This could lead execution of arbitrary code with the permissions of the program using pcre by way of a specially crated regular expression.

References

Bugtraq ID 14620
CVE Name CVE-2005-2491
URL http://www.pcre.org/changelog.txt