CVE-2015-2305

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.

References

http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html

http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html

http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html

http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html

http://marc.info/?l=bugtraq&m=143403519711434&w=2

http://openwall.com/lists/oss-security/2015/02/07/14

http://openwall.com/lists/oss-security/2015/03/11/8

http://php.net/ChangeLog-5.php

http://rhn.redhat.com/errata/RHSA-2015-1053.html

http://rhn.redhat.com/errata/RHSA-2015-1066.html

http://www.debian.org/security/2015/dsa-3195

http://www.kb.cert.org/vuls/id/695940

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.securityfocus.com/bid/72611

http://www.securitytracker.com/id/1031947

http://www.ubuntu.com/usn/USN-2572-1

http://www.ubuntu.com/usn/USN-2594-1

https://guidovranken.wordpress.com/2015/02/04/full-disclosure-heap-overflow-in-h-spencers-regex-library-on-32-bit-systems/

https://support.apple.com/HT205267

Details

Source: MITRE

Published: 2015-03-30

Updated: 2018-10-30

Type: CWE-189

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (28 total)

IDNameProductFamilySeverity
98830PHP 5.6.x < 5.6.7 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
critical
119964SUSE SLES12 Security Update : php5 (SUSE-SU-2015:0868-1)NessusSuSE Local Security Checks
high
93161SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)NessusSuSE Local Security Checks
critical
9260ClamAV < 0.98.7 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
89044Debian DLA-444-1 : php5 security updateNessusDebian Local Security Checks
medium
8982Mac OS X < 10.11 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
86270Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)NessusMacOS X Local Security Checks
critical
84082SUSE SLES11 Security Update : php53 (SUSE-SU-2015:1018-1)NessusSuSE Local Security Checks
high
83860SUSE SLED11 / SLES11 Security Update : MySQL (SUSE-SU-2015:0946-1) (FREAK)NessusSuSE Local Security Checks
medium
83558openSUSE Security Update : clamav (openSUSE-2015-366)NessusSuSE Local Security Checks
medium
83555FreeBSD : clamav -- multiple vulnerabilities (3d0428b2-fdfb-11e4-894f-d050996490d0)NessusFreeBSD Local Security Checks
medium
83494Amazon Linux AMI : php (ALAS-2015-524)NessusAmazon Linux Local Security Checks
medium
83461SuSE 11.3 Security Update : clamav (SAT Patch Number 10664)NessusSuSE Local Security Checks
medium
83352ClamAV < 0.98.7 Multiple VulnerabilitiesNessusMisc.
medium
83255Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : clamav vulnerabilities (USN-2594-1)NessusUbuntu Local Security Checks
medium
83245Mandriva Linux Security Advisory : clamav (MDVSA-2015:221)NessusMandriva Local Security Checks
medium
82923Slackware 14.0 / 14.1 / current : php (SSA:2015-111-10)NessusSlackware Local Security Checks
high
82911Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : php5 vulnerabilities (USN-2572-1)NessusUbuntu Local Security Checks
high
82836Amazon Linux AMI : php56 (ALAS-2015-508)NessusAmazon Linux Local Security Checks
high
82835Amazon Linux AMI : php55 (ALAS-2015-507)NessusAmazon Linux Local Security Checks
high
82834Amazon Linux AMI : php54 (ALAS-2015-506)NessusAmazon Linux Local Security Checks
high
8681PHP 5.4.x < 5.4.39 / 5.5.x < 5.5.23 / 5.6.x < 5.6.7 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
82516openSUSE Security Update : php5 (openSUSE-2015-282)NessusSuSE Local Security Checks
high
82514FreeBSD : Several vulnerabilities found in PHP (742563d4-d776-11e4-b595-4061861086c1)NessusFreeBSD Local Security Checks
critical
82027PHP 5.6.x < 5.6.7 Multiple VulnerabilitiesNessusCGI abuses
critical
82026PHP 5.5.x < 5.5.23 Multiple VulnerabilitiesNessusCGI abuses
critical
82025PHP 5.4.x < 5.4.39 Multiple VulnerabilitiesNessusCGI abuses
critical
81926Debian DSA-3195-1 : php5 - security updateNessusDebian Local Security Checks
high