FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  371350
Date:      2014-10-22
Time:      08:54:58Z
Committer: matthew

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
b971d2a6-1670-11da-978e-0001020eed82pcre -- regular expression buffer overflow

The pcre library is vulnerable to a buffer overflow vulnerability due to insufficient validation of quantifier values. This could lead execution of arbitrary code with the permissions of the program using pcre by way of a specially crated regular expression.


Discovery 2005-08-01
Entry 2005-08-26
pcre
pcre-utf8
lt 6.2

14620
CVE-2005-2491
http://www.pcre.org/changelog.txt
bfd6eef4-8c94-11dc-8c55-001c2514716cpcre -- arbitrary code execution

Debian project reports:

Tavis Ormandy of the Google Security Team has discovered several security issues in PCRE, the Perl-Compatible Regular Expression library, which potentially allow attackers to execute arbitrary code by compiling specially crafted regular expressions.


Discovery 2007-11-05
Entry 2007-11-06
pcre
pcre-utf8
lt 7.3

CVE-2007-1659
CVE-2007-1660
CVE-2007-1661
CVE-2007-1662
CVE-2007-4766
CVE-2007-4767
CVE-2007-4768
http://www.pcre.org/changelog.txt
b971d2a6-1670-11da-978e-0001020eed82pcre -- regular expression buffer overflow

The pcre library is vulnerable to a buffer overflow vulnerability due to insufficient validation of quantifier values. This could lead execution of arbitrary code with the permissions of the program using pcre by way of a specially crated regular expression.


Discovery 2005-08-01
Entry 2005-08-26
pcre
pcre-utf8
lt 6.2

14620
CVE-2005-2491
http://www.pcre.org/changelog.txt
bfd6eef4-8c94-11dc-8c55-001c2514716cpcre -- arbitrary code execution

Debian project reports:

Tavis Ormandy of the Google Security Team has discovered several security issues in PCRE, the Perl-Compatible Regular Expression library, which potentially allow attackers to execute arbitrary code by compiling specially crafted regular expressions.


Discovery 2007-11-05
Entry 2007-11-06
pcre
pcre-utf8
lt 7.3

CVE-2007-1659
CVE-2007-1660
CVE-2007-1661
CVE-2007-1662
CVE-2007-4766
CVE-2007-4767
CVE-2007-4768
http://www.pcre.org/changelog.txt