Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2008-1026

Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers a heap-based buffer overflow.

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.zerodayinit...
CONFIRM: http://support.apple.c...
BID: 28815
SECTRACK: 1019870
APPLE: APPLE-SA-2008-04-16
SECUNIA: 29846
APPLE: APPLE-SA-2008-07-11
SECUNIA: 31074
SREASON: 3815
VUPEN: ADV-2008-1250
VUPEN: ADV-2008-2094
XF: apple-safari-webkit-pc...
BUGTRAQ: 20080416 ZDI-08-022: A...

Launchpad.net

CVE 2008-1026

Related bugs

References