fkie_nvd - fkie_cve-2006-7225

fkie_cve-2006-7225

Vulnerability from fkie_nvd

Published

2007-12-03 20:46

Modified

2024-11-21 00:24

Severity ?

Summary

Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to cause a denial of service (error or crash) via a regular expression that involves a "malformed POSIX character class", as demonstrated via an invalid character after a [[ sequence.

References

URL	Tags
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
secalert@redhat.com	http://secunia.com/advisories/28041
secalert@redhat.com	http://secunia.com/advisories/28658
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:030
secalert@redhat.com	http://www.pcre.org/changelog.txt
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-1059.html	Patch
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-1068.html	Patch
secalert@redhat.com	http://www.securityfocus.com/bid/26725
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=384761
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10985
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28041
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28658
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:030
af854a3a-2127-422b-91ae-364da2661108	http://www.pcre.org/changelog.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1059.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1068.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26725
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=384761
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10985

Impacted products

Vendor	Product	Version
perl	pcre	0.91
perl	pcre	0.92
perl	pcre	0.93
perl	pcre	0.94
perl	pcre	0.95
perl	pcre	0.96
perl	pcre	0.97
perl	pcre	0.98
perl	pcre	0.99
perl	pcre	1.00
perl	pcre	1.01
perl	pcre	1.02
perl	pcre	1.03
perl	pcre	1.04
perl	pcre	1.05
perl	pcre	1.06
perl	pcre	1.07
perl	pcre	1.08
perl	pcre	1.09
perl	pcre	2.0
perl	pcre	2.01
perl	pcre	2.02
perl	pcre	2.03
perl	pcre	2.04
perl	pcre	2.05
perl	pcre	2.06
perl	pcre	2.07
perl	pcre	2.08
perl	pcre	3.0
perl	pcre	3.1
perl	pcre	3.2
perl	pcre	3.3
perl	pcre	3.4
perl	pcre	3.5
perl	pcre	3.6
perl	pcre	3.7
perl	pcre	3.8
perl	pcre	3.9
perl	pcre	4.0
perl	pcre	4.1
perl	pcre	4.2
perl	pcre	4.3
perl	pcre	4.4
perl	pcre	4.5
perl	pcre	5.0
perl	pcre	6.0
perl	pcre	6.1
perl	pcre	6.2
perl	pcre	6.3
perl	pcre	6.4
perl	pcre	6.5
perl	pcre	6.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:perl:pcre:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1671DF-FBF5-456A-8B32-A0BA4592E990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "F75E5BF9-0856-4D73-A63B-5F293AA6DD85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "0457268F-8256-45CF-A933-D2D656C5C1A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:0.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "B63D45CD-D61A-4B92-BBE6-3FA21D768E19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "07648302-DE4A-40F1-B7B1-9AC47A1244DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:0.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA8252FA-E4C3-46E1-8750-A1BFDA0249BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:0.97:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D6128B8-1EF3-4B04-A5A5-B553956916EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:0.98:*:*:*:*:*:*:*",
              "matchCriteriaId": "17FCA7BE-EF01-4D29-99F0-A821B0E1A753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:0.99:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE8D3AE1-BE82-478A-81F0-EDE60FB2647C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "597C0FE1-95C6-4C8E-B848-CECFB74D2508",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F4ACC0-51D8-4B6E-8A81-C27BC0CCF2B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "06414704-7682-4F8F-9C95-39D56414D410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:1.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD19C715-A0D8-4FCD-A05B-D641A6AD913F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:1.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE692AA5-18A2-4F75-AE4B-1FCA309E5FB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:1.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D39E7A8-6FAE-422F-915C-F493299DD3FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:1.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C1BF27-1917-4159-BA47-D8BDDEEB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:1.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "12BDFD21-A3F8-4315-AF73-97746D5E3A58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:1.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA1207D3-4F89-44EC-8B22-EB93E3A4CAEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:1.09:*:*:*:*:*:*:*",
              "matchCriteriaId": "9441BDEE-DFF7-4D77-B74C-A0FE51001D12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D7E2B1A-B313-4170-9DA6-4CD763C0223D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "74E18F0D-0CD5-4533-9EDF-E9A1AF2CA41C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A06B048-F3AB-4E0E-9FD4-D60620D87EC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "C064B1BC-E531-4850-9F2D-0DC779969A9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:2.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DDAB38A-F691-4B17-8BF6-8F3589EEF11D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:2.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "895B2363-4081-435B-92DB-C6E582628B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:2.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EE1A1D9-489C-4791-9D36-6A2CF16DDA16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:2.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DBE7E3-F1E8-4774-A2D5-BE35FAAF8597",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:2.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B8DF97-0352-4766-845E-BCD88B7824EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6EB07B8-0658-497A-A375-E204F5417AD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69B715A8-581F-434E-8C83-18BCA71A471B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "93806FD1-E4DC-4A1A-B11E-B0E4D258125F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5794916E-9527-4B41-8D89-123F6A285226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "047E5828-8D82-466D-B222-479BAA3BA13E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "26E678D0-AD74-4E80-9286-7F6B059CC274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D227EE-65D7-4464-AC86-D07032E2AA13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "947E93C0-CE10-4470-8C74-CA03EBC0D2D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "770E4E21-A5CA-453D-9DE0-198A2C65CFDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8346714-8560-411A-84A9-DF4F4B593025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C025455-01A4-4F2F-8791-19B038AC8F55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D971A8C-2B25-45F7-8A98-C330E02BEDB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A707DA-AC21-4E6C-84EE-251D1F01DFB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3578B444-0F11-444B-9A02-C11B83568FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB18761-B46E-4557-A88D-76F81C1A9814",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84D22D9-965A-4A12-BAD8-5677CE8A0330",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B31B3D1-97FB-4DE4-8F20-8C75AC08B030",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "42652ED9-8E18-47F3-B2D7-B49CA2E2445E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC40CEA3-2247-4B01-8552-643E033DDF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "38BA9F55-667B-45A1-B4DA-E3A382D5A519",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3464708A-995D-48E4-8075-004B2E1D9116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "38260BF3-824C-495F-9523-D6F9FC367C54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1D415A8-F6BF-493A-9F2A-79E0C5F77825",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:perl:pcre:6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E92731B4-5916-4AF1-A15A-829A7B2C051E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to cause a denial of service (error or crash) via a regular expression that involves a \"malformed POSIX character class\", as demonstrated via an invalid character after a [[ sequence."
    },
    {
      "lang": "es",
      "value": "La biblioteca Perl-Compatible Regular Expression (PCRE) versiones anteriores a 6.7 permite a atacantes locales o remotos dependientes del contexto provocar una denegaci\u00f3n de servicio (error o ca\u00edda) mediante  una expresi\u00f3n regular que involucra \"clase de caracter POSIX malformado\" como se demuestra con un caracter tras una secuencia [[."
    }
  ],
  "id": "CVE-2006-7225",
  "lastModified": "2024-11-21T00:24:40.667",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-12-03T20:46:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/28041"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/28658"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.pcre.org/changelog.txt"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1059.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1068.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/26725"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=384761"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10985"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28041"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.pcre.org/changelog.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1059.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1068.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=384761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10985"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2006-7225

Vulnerability from cvelistv5

Published

2007-12-03 20:00

Modified

2024-08-07 20:57