CVE-2006-7228

MEDIUM

Description

Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.

ID	Name	Product	Family	Severity
67614	Oracle Linux 3 / 4 : python (ELSA-2007-1076)	Nessus	Oracle Linux Local Security Checks	medium
67613	Oracle Linux 4 : pcre (ELSA-2007-1068)	Nessus	Oracle Linux Local Security Checks	medium
67612	Oracle Linux 3 : pcre (ELSA-2007-1063)	Nessus	Oracle Linux Local Security Checks	medium
67611	Oracle Linux 5 : pcre (ELSA-2007-1059)	Nessus	Oracle Linux Local Security Checks	medium
67061	CentOS 4 : pcre (CESA-2007:1068)	Nessus	CentOS Local Security Checks	medium
65042	Scientific Linux Security Update : pcre on SL4.x, SL3.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
60327	Scientific Linux Security Update : python on SL4.x, SL3.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
60298	Scientific Linux Security Update : pcre on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
41187	SuSE9 Security Update : PHP4 (YOU Patch Number 12049)	Nessus	SuSE Local Security Checks	high
41173	SuSE9 Security Update : Python (YOU Patch Number 12013)	Nessus	SuSE Local Security Checks	high
41170	SuSE9 Security Update : Apache 2 (YOU Patch Number 12000)	Nessus	SuSE Local Security Checks	medium
40377	VMSA-2008-0007 : Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus	Nessus	VMware ESX Local Security Checks	critical
40374	VMSA-2008-0003 : Moderate: Updated aacraid driver and samba and python Service Console updates	Nessus	VMware ESX Local Security Checks	high
36264	CentOS 3 : pcre (CESA-2007:1063)	Nessus	CentOS Local Security Checks	medium
33512	RHEL 2.1 : php (RHSA-2008:0546)	Nessus	Red Hat Local Security Checks	critical
32144	Debian DSA-1570-1 : kazehakase - various	Nessus	Debian Local Security Checks	high
31158	GLSA-200802-10 : Python: PCRE Integer overflow	Nessus	Gentoo Local Security Checks	medium
29780	SuSE 10 Security Update : PHP5 (ZYPP Patch Number 4808)	Nessus	SuSE Local Security Checks	high
29302	RHEL 2.1 : python (RHSA-2007:1077)	Nessus	Red Hat Local Security Checks	medium
29301	RHEL 3 / 4 : python (RHSA-2007:1076)	Nessus	Red Hat Local Security Checks	medium
29255	CentOS 3 / 4 : python (CESA-2007:1076)	Nessus	CentOS Local Security Checks	medium
28367	RHEL 4 : pcre (RHSA-2007:1068)	Nessus	Red Hat Local Security Checks	medium
28366	RHEL 2.1 : pcre (RHSA-2007:1065)	Nessus	Red Hat Local Security Checks	medium
28365	RHEL 3 : pcre (RHSA-2007:1063)	Nessus	Red Hat Local Security Checks	medium
28364	RHEL 5 : pcre (RHSA-2007:1059)	Nessus	Red Hat Local Security Checks	medium
28319	GLSA-200711-30 : PCRE: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
27849	Mandrake Linux Security Advisory : pcre (MDKSA-2007:212)	Nessus	Mandriva Local Security Checks	high

CVE-2006-7228

Description

References

Details

Risk Information

CVSS v2.0