Executive Summary

Informations
NameCVE-2007-4768First vendor Publication2007-11-07
VendorCveLast vendor Modification2013-08-27

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score6.8Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

ImpactsProvides user account access : Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4768

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:9701
 
Oval ID: oval:org.mitre.oval:def:9701
Title: Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.
Description: Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.
Family: unix Class: vulnerability
Reference(s): CVE-2007-4768
Version: 3
Platform(s): Red Hat Enterprise Linux Extras 3
Red Hat Enterprise Linux Extras 4
Red Hat Enterprise Linux Extras 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8010
 
Oval ID: oval:org.mitre.oval:def:8010
Title: DSA-1570 kazehakase -- various
Description: Andrews Salomon reported that kazehakase, a GTK+-based web browser that allows pluggable rendering engines, contained an embedded copy of the PCRE library in its source tree which was compiled in and used in preference to the system-wide version of this library. The PCRE library has been updated to fix the security issues reported against it in previous Debian Security Advisories. This update ensures that kazehakase uses that supported library, and not its own embedded and insecure version.
Family: unix Class: patch
Reference(s): DSA-1570
CVE-2006-7227
CVE-2006-7228
CVE-2006-7230
CVE-2007-1659
CVE-2007-1660
CVE-2007-1661
CVE-2007-1662
CVE-2007-4766
CVE-2007-4767
CVE-2007-4768
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): kazehakase
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20218
 
Oval ID: oval:org.mitre.oval:def:20218
Title: DSA-1399-1 pcre3 - arbitrary code execution
Description: Tavis Ormandy of the Google Security Team has discovered several security issues in PCRE, the Perl-Compatible Regular Expression library, which potentially allow attackers to execute arbitrary code by compiling specially crafted regular expressions.
Family: unix Class: patch
Reference(s): DSA-1399-1
CVE-2007-1659
CVE-2007-1660
CVE-2007-1661
CVE-2007-1662
CVE-2007-4766
CVE-2007-4767
CVE-2007-4768
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): pcre3
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18752
 
Oval ID: oval:org.mitre.oval:def:18752
Title: DSA-1570-1 kazehakase - execution of arbitrary code
Description: Andrews Salomon reported that kazehakase, a GTK+-based web browser that allows pluggable rendering engines, contained an embedded copy of the PCRE library in its source tree which was compiled in and used in preference to the system-wide version of this library.
Family: unix Class: patch
Reference(s): DSA-1570-1
CVE-2006-7227
CVE-2006-7228
CVE-2006-7230
CVE-2007-1659
CVE-2007-1660
CVE-2007-1661
CVE-2007-1662
CVE-2007-4766
CVE-2007-4767
CVE-2007-4768
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): kazehakase
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17651
 
Oval ID: oval:org.mitre.oval:def:17651
Title: USN-547-1 -- pcre3 vulnerabilities
Description: Tavis Ormandy and Will Drewry discovered multiple flaws in the regular expression handling of PCRE.
Family: unix Class: patch
Reference(s): USN-547-1
CVE-2007-1659
CVE-2007-1660
CVE-2007-1661
CVE-2007-1662
CVE-2007-4766
CVE-2007-4767
CVE-2007-4768
Version: 7
Platform(s): Ubuntu 6.06
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10
Product(s): pcre3
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application3

OpenVAS Exploits

DateDescription
2010-05-12Name : Mac OS X Security Update 2007-009
File : nvt/macosx_secupd_2007-009.nasl
2009-11-17Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-04-09Name : Mandriva Update for pcre MDKSA-2007:211 (pcre)
File : nvt/gb_mandriva_MDKSA_2007_211.nasl
2009-03-23Name : Ubuntu Update for pcre3 vulnerabilities USN-547-1
File : nvt/gb_ubuntu_USN_547_1.nasl
2009-02-16Name : Fedora Update for pcre FEDORA-2008-1842
File : nvt/gb_fedora_2008_1842_pcre_fc7.nasl
2009-01-28Name : SuSE Update for flash-player SUSE-SA:2007:069
File : nvt/gb_suse_2007_069.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200711-30 (libpcre)
File : nvt/glsa_200711_30.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200801-02 (R)
File : nvt/glsa_200801_02.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200801-07 (netscape-flash)
File : nvt/glsa_200801_07.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200801-18 (kazehakase)
File : nvt/glsa_200801_18.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200801-19 (goffice)
File : nvt/glsa_200801_19.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200802-10 (python)
File : nvt/glsa_200802_10.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200805-11 (chicken)
File : nvt/glsa_200805_11.nasl
2008-09-04Name : FreeBSD Ports: linux-flashplugin
File : nvt/freebsd_linux-flashplugin2.nasl
2008-09-04Name : FreeBSD Ports: pcre, pcre-utf8
File : nvt/freebsd_pcre0.nasl
2008-05-12Name : Debian Security Advisory DSA 1570-1 (kazehakase)
File : nvt/deb_1570_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1399-1 (pcre3)
File : nvt/deb_1399_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
40766Perl-Compatible Regular Expression (PCRE) Singleton Unicode Sequence Handling...

Nessus® Vulnerability Scanner

DateDescription
2009-08-28Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_812.nasl - Type : ACT_GATHER_INFO
2009-08-24Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2007-1126.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-211.nasl - Type : ACT_GATHER_INFO
2008-05-13Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200805-11.nasl - Type : ACT_GATHER_INFO
2008-05-09Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1570.nasl - Type : ACT_GATHER_INFO
2008-03-19Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO
2008-03-07Name : The remote Fedora host is missing a security update.
File : fedora_2008-1842.nasl - Type : ACT_GATHER_INFO
2008-02-25Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200802-10.nasl - Type : ACT_GATHER_INFO
2008-02-06Name : The PDF file viewer on the remote Windows host is affected by multiple vulner...
File : adobe_reader_812.nasl - Type : ACT_GATHER_INFO
2008-02-01Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200801-18.nasl - Type : ACT_GATHER_INFO
2008-02-01Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200801-19.nasl - Type : ACT_GATHER_INFO
2008-01-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200801-07.nasl - Type : ACT_GATHER_INFO
2008-01-10Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200801-02.nasl - Type : ACT_GATHER_INFO
2008-01-04Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_562cf6c4b9f111dca302000102cc8983.nasl - Type : ACT_GATHER_INFO
2007-12-24Name : The remote openSUSE host is missing a security update.
File : suse_flash-player-4855.nasl - Type : ACT_GATHER_INFO
2007-12-24Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_flash-player-4856.nasl - Type : ACT_GATHER_INFO
2007-12-19Name : The remote Windows host contains a browser plugin that is affected by multipl...
File : flash_player_apsb07-20.nasl - Type : ACT_GATHER_INFO
2007-12-18Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2007-009.nasl - Type : ACT_GATHER_INFO
2007-11-29Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-547-1.nasl - Type : ACT_GATHER_INFO
2007-11-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200711-30.nasl - Type : ACT_GATHER_INFO
2007-11-09Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-212.nasl - Type : ACT_GATHER_INFO
2007-11-07Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_bfd6eef48c9411dc8c55001c2514716c.nasl - Type : ACT_GATHER_INFO
2007-11-06Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1399.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
APPLEhttp://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
BIDhttp://www.securityfocus.com/bid/26346
BUGTRAQhttp://www.securityfocus.com/archive/1/archive/1/483357/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/483579/100/0/threaded
CERThttp://www.us-cert.gov/cas/techalerts/TA07-352A.html
http://www.us-cert.gov/cas/techalerts/TA07-355A.html
CONFIRMhttp://docs.info.apple.com/article.html?artnum=307179
http://docs.info.apple.com/article.html?artnum=307562
http://www.adobe.com/support/security/bulletins/apsb07-20.html
http://www.adobe.com/support/security/bulletins/apsb08-13.html
https://issues.rpath.com/browse/RPL-1738
DEBIANhttp://www.debian.org/security/2007/dsa-1399
http://www.debian.org/security/2008/dsa-1570
FEDORAhttps://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html
GENTOOhttp://security.gentoo.org/glsa/glsa-200711-30.xml
http://security.gentoo.org/glsa/glsa-200801-02.xml
http://security.gentoo.org/glsa/glsa-200801-18.xml
http://security.gentoo.org/glsa/glsa-200801-19.xml
http://security.gentoo.org/glsa/glsa-200805-11.xml
http://www.gentoo.org/security/en/glsa/glsa-200801-07.xml
MANDRIVAhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:211
MISChttp://bugs.gentoo.org/show_bug.cgi?id=198976
MLISThttp://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html
REDHAThttp://www.redhat.com/support/errata/RHSA-2007-1126.html
SECTRACKhttp://securitytracker.com/id?1019116
SECUNIAhttp://secunia.com/advisories/27538
http://secunia.com/advisories/27543
http://secunia.com/advisories/27554
http://secunia.com/advisories/27697
http://secunia.com/advisories/27741
http://secunia.com/advisories/28136
http://secunia.com/advisories/28157
http://secunia.com/advisories/28161
http://secunia.com/advisories/28213
http://secunia.com/advisories/28406
http://secunia.com/advisories/28414
http://secunia.com/advisories/28570
http://secunia.com/advisories/28714
http://secunia.com/advisories/28720
http://secunia.com/advisories/29267
http://secunia.com/advisories/29420
http://secunia.com/advisories/30106
http://secunia.com/advisories/30155
http://secunia.com/advisories/30219
http://secunia.com/advisories/30507
http://secunia.com/advisories/30840
SUNALERThttp://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html
UBUNTUhttp://www.ubuntulinux.org/support/documentation/usn/usn-547-1
VUPENhttp://www.vupen.com/english/advisories/2007/3725
http://www.vupen.com/english/advisories/2007/3790
http://www.vupen.com/english/advisories/2007/4238
http://www.vupen.com/english/advisories/2007/4258
http://www.vupen.com/english/advisories/2008/0924/references
http://www.vupen.com/english/advisories/2008/1724/references
http://www.vupen.com/english/advisories/2008/1966/references
XFhttp://xforce.iss.net/xforce/xfdb/38278

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-02-17 10:41:41
  • Multiple Updates
2013-08-27 17:20:17
  • Multiple Updates
2013-05-11 10:36:03
  • Multiple Updates