Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-336: PCRE3 Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-336: PCRE3 Vulnerability
# 1  
Old 07-17-2008
S-336: PCRE3 Vulnerability
It was discovered that PCRE, the Perl-Compatible Regular Expression library, may encounter a heap overflow condition when compiling certain regular expressions involving in-pattern options and branches, potentially leading to arbitrary code execution. The risk is MEDIUM. May encounter a heap overflow condition when compiling certain regular expressions involving in-pattern options and branches, potentially leading the arbitrary code execution.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

3 More Discussions You Might Find Interesting

1. IP Networking

Common Vulnerability

Hi there, I am trying to find info about the commonly used ports and how it can be vulnerable and to identify them? For example, I would like to identify how to man-in-the-middle using these ports 21(FTP),22(SSH),23(TELNET), (1 Reply)
Discussion started by: alvinoo
1 Replies

2. UNIX for Dummies Questions & Answers

Vulnerability Alerts

Aside from CERT, are there any additional sources for unix/linux vulnerabilities? (1 Reply)
Discussion started by: kmgrady01
1 Replies

3. Cybersecurity

SNMP Vulnerability

SNMP Vulnerability: In a few minutes wire services and other news sources will begin breaking a story about widespread vulnerabilities in SNMP (Simple Network Management Protocol). Exploits of the vulnerability cause systems to fail or to be taken over. The vulnerability can be found in... (1 Reply)
Discussion started by: dpatel
1 Replies
Login or Register to Ask a Question

LEARN ABOUT OPENSOLARIS

pcre_get_stringtable_entries

PCRE_GET_STRINGTABLE_ENTRIES(3) 			     Library Functions Manual				   PCRE_GET_STRINGTABLE_ENTRIES(3)

NAME

       PCRE - Perl-compatible regular expressions

SYNOPSIS


       #include <pcre.h>

       int pcre_get_stringtable_entries(const pcre *code,
	    const char *name, char **first, char **last);

DESCRIPTION


       This convenience function finds, for a compiled pattern, the first and last entries for a given name in the table that translates capturing
       parenthesis names into numbers. When names  are	required  to  be  unique  (PCRE_DUPNAMES  is  not  set),  it  is  usually  easier  to  use
       pcre_get_stringnumber() instead.

	 code	 Compiled regular expression
	 name	 Name whose entries required
	 first	 Where to return a pointer to the first entry
	 last	 Where to return a pointer to the last entry

       The yield of the function is the length of each entry, or PCRE_ERROR_NOSUBSTRING if none are found.

       There  is  a complete description of the PCRE native API, including the format of the table entries, in the pcreapi page, and a description
       of the POSIX API in the pcreposix page.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +--------------------+-----------------+
       |  ATTRIBUTE TYPE    | ATTRIBUTE VALUE |
       +--------------------+-----------------+
       |Availability	    | SUNWpcre	      |
       +--------------------+-----------------+
       |Interface Stability | Uncommitted     |
       +--------------------+-----------------+
NOTES

       Source for PCRE is available on http://opensolaris.org.

														   PCRE_GET_STRINGTABLE_ENTRIES(3)