CVE-2005-2491: Buffer Overflow
First published: Mon Aug 22 2005(Updated: )
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PCRE (Perl Compatible Regular Expressions) | =5.0 | |
| PCRE (Perl Compatible Regular Expressions) | =6.0 | |
| PCRE (Perl Compatible Regular Expressions) | =6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/14620
- http://securitytracker.com/id?1014744
- http://www.debian.org/security/2005/dsa-800
- http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml
- http://www.redhat.com/support/errata/RHSA-2005-761.html
- http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml
- http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml
- http://www.debian.org/security/2005/dsa-819
- http://www.debian.org/security/2005/dsa-817
- http://www.debian.org/security/2005/dsa-821
- http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml
- http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
- http://www.ethereal.com/appnotes/enpa-sa-00021.html
- http://www.php.net/release_4_4_1.php
- http://docs.info.apple.com/article.html?artnum=302847
- http://www.securityfocus.com/bid/15647
- http://secunia.com/advisories/17813
- http://secunia.com/advisories/16502
- http://secunia.com/advisories/16679
- http://www.redhat.com/support/errata/RHSA-2006-0197.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
- http://secunia.com/advisories/19072
- http://www.redhat.com/support/errata/RHSA-2005-358.html
- http://secunia.com/advisories/19193
- http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf
- http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf
- http://secunia.com/advisories/17252
- http://secunia.com/advisories/19532
- http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
- http://www.novell.com/linux/security/advisories/2005_48_pcre.html
- http://www.novell.com/linux/security/advisories/2005_49_php.html
- http://www.novell.com/linux/security/advisories/2005_52_apache2.html
- http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm
- http://secunia.com/advisories/21522
- http://secunia.com/advisories/22691
- http://secunia.com/advisories/22875
- http://securityreason.com/securityalert/604
- http://www.vupen.com/english/advisories/2006/0789
- http://www.vupen.com/english/advisories/2006/4502
- http://www.vupen.com/english/advisories/2006/4320
- http://www.vupen.com/english/advisories/2005/1511
- http://www.vupen.com/english/advisories/2005/2659
- http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
- http://marc.info/?l=bugtraq&m=130497311408250&w=2
- http://marc.info/?l=bugtraq&m=112606064317223&w=2
- http://marc.info/?l=bugtraq&m=112605112027335&w=2
- http://www.gentoo.org/security/en/glsa/glsa-200509-08.xml
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A735
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1659
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1496
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11516
- http://www.securityfocus.com/archive/1/428138/100/0/threaded
- http://www.securityfocus.com/archive/1/427046/100/0/threaded
- https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
Frequently Asked Questions
What is the severity of CVE-2005-2491?
CVE-2005-2491 is considered high severity due to its potential for arbitrary code execution through a heap-based buffer overflow.
How do I fix CVE-2005-2491?
To fix CVE-2005-2491, you should upgrade to PCRE version 6.2 or later, where the vulnerability is resolved.
What products are affected by CVE-2005-2491?
CVE-2005-2491 affects various products, including Python, Ethereal, and PHP that utilize vulnerable versions of PCRE.
How does CVE-2005-2491 allow an attacker to exploit systems?
CVE-2005-2491 allows an attacker to exploit systems by using specially crafted regular expressions with quantifier values that trigger the integer overflow.
Who is impacted by CVE-2005-2491?
Individuals and organizations using affected versions of PCRE in their applications are impacted by CVE-2005-2491.
- agent/type
- agent/severity
- agent/references
- agent/softwarecombine
- agent/author
- agent/description
- agent/remedy
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/pcre
- canonical/pcre (perl compatible regular expressions)
- version/pcre (perl compatible regular expressions)/5.0
- version/pcre (perl compatible regular expressions)/6.0
- version/pcre (perl compatible regular expressions)/6.1