CVE-2007-1659

Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.

🔗 References (116)

• cve@mitrehttp://bugs.gentoo.org/show_bug.cgi?id=198976
• cve@mitrehttp://docs.info.apple.com/article.html?artnum=307179
• cve@mitrehttp://docs.info.apple.com/article.html?artnum=307562
• cve@mitrehttp://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
• cve@mitrehttp://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
• cve@mitrehttp://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html
• cve@mitrehttp://secunia.com/advisories/27538
• cve@mitrehttp://secunia.com/advisories/27543
• cve@mitrehttp://secunia.com/advisories/27547
• cve@mitrehttp://secunia.com/advisories/27554
• cve@mitrehttp://secunia.com/advisories/27598
• cve@mitrehttp://secunia.com/advisories/27697
• cve@mitrehttp://secunia.com/advisories/27741
• cve@mitrehttp://secunia.com/advisories/27773