Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-336: PCRE3 Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-336: PCRE3 Vulnerability
# 1  
Old 07-17-2008
S-336: PCRE3 Vulnerability
It was discovered that PCRE, the Perl-Compatible Regular Expression library, may encounter a heap overflow condition when compiling certain regular expressions involving in-pattern options and branches, potentially leading to arbitrary code execution. The risk is MEDIUM. May encounter a heap overflow condition when compiling certain regular expressions involving in-pattern options and branches, potentially leading the arbitrary code execution.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

3 More Discussions You Might Find Interesting

1. IP Networking

Common Vulnerability

Hi there, I am trying to find info about the commonly used ports and how it can be vulnerable and to identify them? For example, I would like to identify how to man-in-the-middle using these ports 21(FTP),22(SSH),23(TELNET), (1 Reply)
Discussion started by: alvinoo
1 Replies

2. UNIX for Dummies Questions & Answers

Vulnerability Alerts

Aside from CERT, are there any additional sources for unix/linux vulnerabilities? (1 Reply)
Discussion started by: kmgrady01
1 Replies

3. Cybersecurity

SNMP Vulnerability

SNMP Vulnerability: In a few minutes wire services and other news sources will begin breaking a story about widespread vulnerabilities in SNMP (Simple Network Management Protocol). Exploits of the vulnerability cause systems to fail or to be taken over. The vulnerability can be found in... (1 Reply)
Discussion started by: dpatel
1 Replies
Login or Register to Ask a Question

LEARN ABOUT OPENSOLARIS

pcre_get_stringnumber

PCRE_GET_STRINGNUMBER(3)				     Library Functions Manual					  PCRE_GET_STRINGNUMBER(3)

NAME

       PCRE - Perl-compatible regular expressions

SYNOPSIS


       #include <pcre.h>

       int pcre_get_stringnumber(const pcre *code,
	    const char *name);

DESCRIPTION


       This convenience function finds the number of a named substring capturing parenthesis in a compiled pattern. Its arguments are:

	 code	 Compiled regular expression
	 name	 Name whose number is required

       The  yield of the function is the number of the parenthesis if the name is found, or PCRE_ERROR_NOSUBSTRING otherwise. When duplicate names
       are allowed (PCRE_DUPNAMES is set), it is not defined which of the numbers is returned by pcre_get_stringnumber(). You can obtain the  com-
       plete list by calling pcre_get_stringtable_entries().

       There is a complete description of the PCRE native API in the pcreapi page and a description of the POSIX API in the pcreposix page.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +--------------------+-----------------+
       |  ATTRIBUTE TYPE    | ATTRIBUTE VALUE |
       +--------------------+-----------------+
       |Availability	    | SUNWpcre	      |
       +--------------------+-----------------+
       |Interface Stability | Uncommitted     |
       +--------------------+-----------------+
NOTES

       Source for PCRE is available on http://opensolaris.org.

															  PCRE_GET_STRINGNUMBER(3)