Unrated severityNVD Advisory· Published Jul 7, 2008· Updated Apr 23, 2026
CVE-2008-2371
CVE-2008-2371
Description
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.
Affected products
11cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
45- bugs.gentoo.org/show_bug.cginvdExploitIssue Tracking
- ftp.gnome.org/pub/GNOME/sources/glib/2.16/glib-2.16.4.changesnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.htmlnvdMailing ListThird Party Advisory
- marc.infonvdIssue TrackingThird Party Advisory
- marc.infonvdIssue TrackingThird Party Advisory
- security.gentoo.org/glsa/glsa-200811-05.xmlnvdThird Party Advisory
- support.apple.com/kb/HT3216nvdThird Party Advisory
- support.apple.com/kb/HT3549nvdThird Party Advisory
- ubuntu.com/usn/usn-624-2nvdThird Party Advisory
- wiki.rpath.com/wiki/Advisories:rPSA-2008-0305nvdBroken LinkThird Party Advisory
- www.debian.org/security/2008/dsa-1602nvdThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-200807-03.xmlnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdBroken LinkThird Party Advisory
- www.mandriva.com/security/advisoriesnvdBroken LinkThird Party Advisory
- www.securityfocus.com/archive/1/497828/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/30087nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/31681nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-624-1nvdThird Party Advisory
- www.ubuntu.com/usn/usn-628-1nvdThird Party Advisory
- www.us-cert.gov/cas/techalerts/TA09-133A.htmlnvdThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2008/2005nvdPermissions RequiredThird Party Advisory
- www.vupen.com/english/advisories/2008/2006nvdPermissions RequiredThird Party Advisory
- www.vupen.com/english/advisories/2008/2336nvdPermissions RequiredThird Party Advisory
- www.vupen.com/english/advisories/2008/2780nvdPermissions RequiredThird Party Advisory
- www.vupen.com/english/advisories/2009/1297nvdPermissions RequiredThird Party Advisory
- www.vupen.com/english/advisories/2010/0833nvdPermissions RequiredThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2008-July/msg00105.htmlnvdThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2008-July/msg00123.htmlnvdThird Party Advisory
- lists.apple.com/archives/security-announce/2008/Oct/msg00001.htmlnvdMailing List
- lists.apple.com/archives/security-announce/2009/May/msg00002.htmlnvdMailing List
- secunia.com/advisories/30916nvdNot Applicable
- secunia.com/advisories/30944nvdNot Applicable
- secunia.com/advisories/30945nvdNot Applicable
- secunia.com/advisories/30958nvdNot Applicable
- secunia.com/advisories/30961nvdNot Applicable
- secunia.com/advisories/30967nvdNot Applicable
- secunia.com/advisories/30972nvdNot Applicable
- secunia.com/advisories/30990nvdNot Applicable
- secunia.com/advisories/31200nvdNot Applicable
- secunia.com/advisories/32222nvdNot Applicable
- secunia.com/advisories/32454nvdNot Applicable
- secunia.com/advisories/32746nvdNot Applicable
- secunia.com/advisories/35074nvdNot Applicable
- secunia.com/advisories/35650nvdNot Applicable
- secunia.com/advisories/39300nvdNot Applicable
News mentions
0No linked articles in our index yet.