CVE-2007-1662

Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service (crash), possibly involving forward references.

🔗 References (84)

• cve@mitrehttp://bugs.gentoo.org/show_bug.cgi?id=198976
• cve@mitrehttp://docs.info.apple.com/article.html?artnum=307179
• cve@mitrehttp://docs.info.apple.com/article.html?artnum=307562
• cve@mitrehttp://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
• cve@mitrehttp://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
• cve@mitrehttp://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html
• cve@mitrehttp://secunia.com/advisories/27538
• cve@mitrehttp://secunia.com/advisories/27543
• cve@mitrehttp://secunia.com/advisories/27554
• cve@mitrehttp://secunia.com/advisories/27697
• cve@mitrehttp://secunia.com/advisories/27741
• cve@mitrehttp://secunia.com/advisories/28136
• cve@mitrehttp://secunia.com/advisories/28406
• cve@mitrehttp://secunia.com/advisories/28414
• cve@mitrehttp://secunia.com/advisories/28714