Unrated severityNVD Advisory· Published Jul 23, 2007· Updated Jun 16, 2026
CVE-2007-3944
CVE-2007-3944
Description
Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate CVE identifier.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*
- (no CPE)range: <3.0.3
- cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
- Range: <1.0.1
Patches
Vulnerability mechanics
References
11- secunia.com/advisories/26287nvdVendor Advisory
- www.vupen.com/english/advisories/2007/2730nvdVendor Advisory
- www.vupen.com/english/advisories/2007/2731nvdVendor Advisory
- docs.info.apple.com/article.htmlnvd
- docs.info.apple.com/article.htmlnvd
- www.nytimes.com/2007/07/23/technology/23iphone.htmlnvd
- www.securityevaluators.com/iphone/nvd
- www.securityevaluators.com/iphone/exploitingiphone.pdfnvd
- www.securityfocus.com/bid/25002nvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/35577nvd
News mentions
0No linked articles in our index yet.