CVE-2014-8964 - Vulnerability Details

Vendors	Products
Fedoraproject	Fedora
Mariadb	Mariadb
Opensuse	Opensuse
Oracle	Solaris
Pcre	Pcre
Redhat	Enterprise Linux Enterprise Linux Desktop Enterprise Linux Eus Enterprise Linux Server Enterprise Linux Server Aus Enterprise Linux Server Tus Enterprise Linux Workstation

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7
pcre-0:8.32-14.el7	cpe:/o:redhat:enterprise_linux:7	RHSA-2015:0330	2015-03-05T00:00:00Z

Link	Providers
http://advisories.mageia.org/MGASA-2014-0534.html
http://bugs.exim.org/show_bug.cgi?id=1546
http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html
http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html
http://rhn.redhat.com/errata/RHSA-2015-0330.html
http://www.exim.org/viewvc/pcre?view=revision&revision=1513
http://www.mandriva.com/security/advisories?name=MDVSA-2015:002
http://www.mandriva.com/security/advisories?name=MDVSA-2015:137
http://www.openwall.com/lists/oss-security/2014/11/21/6
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://www.securityfocus.com/bid/71206
https://bugzilla.redhat.com/show_bug.cgi?id=1166147
https://nvd.nist.gov/vuln/detail/CVE-2014-8964
https://security.gentoo.org/glsa/201607-02
https://www.cve.org/CVERecord?id=CVE-2014-8964

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-11-19T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "FEDORA-2014-17624", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html"}, {"name": "openSUSE-SU-2015:0858", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"}, {"name": "71206", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/71206"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.exim.org/viewvc/pcre?view=revision&revision=1513"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://advisories.mageia.org/MGASA-2014-0534.html"}, {"name": "FEDORA-2014-17642", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html"}, {"name": "FEDORA-2014-15573", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html"}, {"name": "[oss-security] 20141121 Re: CVE request: heap buffer overflow in PCRE", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/11/21/6"}, {"name": "RHSA-2015:0330", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0330.html"}, {"name": "FEDORA-2014-17626", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html"}, {"name": "MDVSA-2015:002", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:002"}, {"name": "MDVSA-2015:137", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:137"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166147"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.exim.org/show_bug.cgi?id=1546"}, {"name": "GLSA-201607-02", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201607-02"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-8964", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "FEDORA-2014-17624", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html"}, {"name": "openSUSE-SU-2015:0858", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"}, {"name": "71206", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71206"}, {"name": "http://www.exim.org/viewvc/pcre?view=revision&revision=1513", "refsource": "CONFIRM", "url": "http://www.exim.org/viewvc/pcre?view=revision&revision=1513"}, {"name": "http://advisories.mageia.org/MGASA-2014-0534.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2014-0534.html"}, {"name": "FEDORA-2014-17642", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html"}, {"name": "FEDORA-2014-15573", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html"}, {"name": "[oss-security] 20141121 Re: CVE request: heap buffer overflow in PCRE", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/11/21/6"}, {"name": "RHSA-2015:0330", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0330.html"}, {"name": "FEDORA-2014-17626", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html"}, {"name": "MDVSA-2015:002", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:002"}, {"name": "MDVSA-2015:137", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:137"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1166147", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166147"}, {"name": "http://bugs.exim.org/show_bug.cgi?id=1546", "refsource": "CONFIRM", "url": "http://bugs.exim.org/show_bug.cgi?id=1546"}, {"name": "GLSA-201607-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-02"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:33:12.895Z"}, "title": "CVE Program Container", "references": [{"name": "FEDORA-2014-17624", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html"}, {"name": "openSUSE-SU-2015:0858", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"}, {"name": "71206", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/71206"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.exim.org/viewvc/pcre?view=revision&revision=1513"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://advisories.mageia.org/MGASA-2014-0534.html"}, {"name": "FEDORA-2014-17642", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html"}, {"name": "FEDORA-2014-15573", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html"}, {"name": "[oss-security] 20141121 Re: CVE request: heap buffer overflow in PCRE", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/11/21/6"}, {"name": "RHSA-2015:0330", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0330.html"}, {"name": "FEDORA-2014-17626", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html"}, {"name": "MDVSA-2015:002", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:002"}, {"name": "MDVSA-2015:137", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:137"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166147"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.exim.org/show_bug.cgi?id=1546"}, {"name": "GLSA-201607-02", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201607-02"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-8964", "datePublished": "2014-12-16T18:00:00", "dateReserved": "2014-11-18T00:00:00", "dateUpdated": "2024-08-06T13:33:12.895Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2014-11-19T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-06-30T16:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : FEDORA-2014-17624 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html (string)

}

1 : { »

name : openSUSE-SU-2015:0858 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html (string)

}

3 : { »

name : 71206 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/71206 (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.exim.org/viewvc/pcre?view=revision&revision=1513 (string)

}

5 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://advisories.mageia.org/MGASA-2014-0534.html (string)

}

6 : { »

name : FEDORA-2014-17642 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html (string)

}

7 : { »

name : FEDORA-2014-15573 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html (string)

}

8 : { »

name : [oss-security] 20141121 Re: CVE request: heap buffer overflow in PCRE (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://www.openwall.com/lists/oss-security/2014/11/21/6 (string)

}

9 : { »

name : RHSA-2015:0330 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-0330.html (string)

}

10 : { »

name : FEDORA-2014-17626 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html (string)

}

11 : { »

name : MDVSA-2015:002 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:002 (string)

}

12 : { »

name : MDVSA-2015:137 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:137 (string)

}

13 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=1166147 (string)

}

14 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://bugs.exim.org/show_bug.cgi?id=1546 (string)

}

15 : { »

name : GLSA-201607-02 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

]

url : https://security.gentoo.org/glsa/201607-02 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2014-8964 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : FEDORA-2014-17624 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html (string)

}

1 : { »

name : openSUSE-SU-2015:0858 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html (string)

}

2 : { »

name : http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html (string)

refsource : CONFIRM (string)

url : http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html (string)

}

3 : { »

name : 71206 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/71206 (string)

}

4 : { »

name : http://www.exim.org/viewvc/pcre?view=revision&revision=1513 (string)

refsource : CONFIRM (string)

url : http://www.exim.org/viewvc/pcre?view=revision&revision=1513 (string)

}

5 : { »

name : http://advisories.mageia.org/MGASA-2014-0534.html (string)

refsource : CONFIRM (string)

url : http://advisories.mageia.org/MGASA-2014-0534.html (string)

}

6 : { »

name : FEDORA-2014-17642 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html (string)

}

7 : { »

name : FEDORA-2014-15573 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html (string)

}

8 : { »

name : [oss-security] 20141121 Re: CVE request: heap buffer overflow in PCRE (string)

refsource : MLIST (string)

url : http://www.openwall.com/lists/oss-security/2014/11/21/6 (string)

}

9 : { »

name : RHSA-2015:0330 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2015-0330.html (string)

}

10 : { »

name : FEDORA-2014-17626 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html (string)

}

11 : { »

name : MDVSA-2015:002 (string)

refsource : MANDRIVA (string)

url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:002 (string)

}

12 : { »

name : MDVSA-2015:137 (string)

refsource : MANDRIVA (string)

url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:137 (string)

}

13 : { »

name : https://bugzilla.redhat.com/show_bug.cgi?id=1166147 (string)

refsource : CONFIRM (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=1166147 (string)

}

14 : { »

name : http://bugs.exim.org/show_bug.cgi?id=1546 (string)

refsource : CONFIRM (string)

url : http://bugs.exim.org/show_bug.cgi?id=1546 (string)

}

15 : { »

name : GLSA-201607-02 (string)

refsource : GENTOO (string)

url : https://security.gentoo.org/glsa/201607-02 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T13:33:12.895Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : FEDORA-2014-17624 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html (string)

}

1 : { »

name : openSUSE-SU-2015:0858 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html (string)

}

3 : { »

name : 71206 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/71206 (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.exim.org/viewvc/pcre?view=revision&revision=1513 (string)

}

5 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://advisories.mageia.org/MGASA-2014-0534.html (string)

}

6 : { »

name : FEDORA-2014-17642 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html (string)

}

7 : { »

name : FEDORA-2014-15573 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html (string)

}

8 : { »

name : [oss-security] 20141121 Re: CVE request: heap buffer overflow in PCRE (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://www.openwall.com/lists/oss-security/2014/11/21/6 (string)

}

9 : { »

name : RHSA-2015:0330 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-0330.html (string)

}

10 : { »

name : FEDORA-2014-17626 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html (string)

}

11 : { »

name : MDVSA-2015:002 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

2 : x_transferred (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:002 (string)

}

12 : { »

name : MDVSA-2015:137 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

2 : x_transferred (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:137 (string)

}

13 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=1166147 (string)

}

14 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://bugs.exim.org/show_bug.cgi?id=1546 (string)

}

15 : { »

name : GLSA-201607-02 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

2 : x_transferred (string)

]

url : https://security.gentoo.org/glsa/201607-02 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2014-8964 (string)

datePublished : 2014-12-16T18:00:00 (string)

dateReserved : 2014-11-18T00:00:00 (string)

dateUpdated : 2024-08-06T13:33:12.895Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*", "matchCriteriaId": "84438587-2934-4B73-885D-9FD633C8CEE8", "versionEndIncluding": "8.36", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "29467705-2765-41F2-8466-93FB1A88ABD5", "versionEndExcluding": "10.0.18", "versionStartIncluding": "10.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats."}, {"lang": "es", "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en PCRE 8.36 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) o tener otro impacto no especificado a trav\u00e9s de una expresi\u00f3n regular manipulada, relacionado con una aserci\u00f3n que permite cero repeticiones."}], "id": "CVE-2014-8964", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-12-16T18:59:10.747", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://advisories.mageia.org/MGASA-2014-0534.html"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Permissions Required", "Third Party Advisory"], "url": "http://bugs.exim.org/show_bug.cgi?id=1546"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0330.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.exim.org/viewvc/pcre?view=revision&revision=1513"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:002"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:137"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2014/11/21/6"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/71206"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166147"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201607-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://advisories.mageia.org/MGASA-2014-0534.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Permissions Required", "Third Party Advisory"], "url": "http://bugs.exim.org/show_bug.cgi?id=1546"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0330.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.exim.org/viewvc/pcre?view=revision&revision=1513"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:002"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:137"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2014/11/21/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/71206"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166147"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201607-02"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 84438587-2934-4B73-885D-9FD633C8CEE8 (string)

versionEndIncluding : 8.36 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 29467705-2765-41F2-8466-93FB1A88ABD5 (string)

versionEndExcluding : 10.0.18 (string)

versionStartIncluding : 10.0.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:* (string)

matchCriteriaId : 5991814D-CA77-4C25-90D2-DB542B17E0AD (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:* (string)

matchCriteriaId : FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:* (string)

matchCriteriaId : 56BDB5A0-0839-4A20-A003-B8CD56F48171 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* (string)

matchCriteriaId : A10BC294-9196-425F-9FB0-B1625465B47F (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 03117DF1-3BEC-4B8D-AD63-DBBDB2126081 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 0B1C288F-326B-497B-B26C-D26E01262DDB (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

5 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 33C068A4-3780-4EAB-A937-6082DF847564 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 807C024A-F8E8-4B48-A349-4C68CD252CA1 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:* (string)

matchCriteriaId : F96E3779-F56A-45FF-BB3D-4980527D721E (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 0CF73560-2F5B-4723-A8A1-9AADBB3ADA00 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 5BF3C7A5-9117-42C7-BEA1-4AA378A582EF (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 83737173-E12E-4641-BC49-0BD84A6B29D0 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 51EF4996-72F4-4FA4-814F-F5991E7A8318 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 98381E61-F082-4302-B51F-5648884F998B (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* (string)

matchCriteriaId : D99A687E-EAE6-417E-A88E-D0082BC194CD (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:* (string)

matchCriteriaId : B353CE99-D57C-465B-AAB0-73EF581127D1 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 7431ABC1-9252-419E-8CC1-311B41360078 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:* (string)

matchCriteriaId : B76AA310-FEC7-497F-AF04-C3EC1E76C4CC (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 17F256A9-D3B9-4C72-B013-4EFD878BFEA8 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 825ECE2D-E232-46E0-A047-074B34DB1E97 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats. (string)

}

1 : { »

lang : es (string)

value : Desbordamiento de buffer basado en memoria dinámica en PCRE 8.36 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) o tener otro impacto no especificado a través de una expresión regular manipulada, relacionado con una aserción que permite cero repeticiones. (string)

}

]

id : CVE-2014-8964 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2014-12-16T18:59:10.747 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://advisories.mageia.org/MGASA-2014-0534.html (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Issue Tracking (string)

1 : Permissions Required (string)

2 : Third Party Advisory (string)

]

url : http://bugs.exim.org/show_bug.cgi?id=1546 (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html (string)

}

4 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html (string)

}

5 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html (string)

}

6 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html (string)

}

7 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-0330.html (string)

}

8 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.exim.org/viewvc/pcre?view=revision&revision=1513 (string)

}

9 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:002 (string)

}

10 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:137 (string)

}

11 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://www.openwall.com/lists/oss-security/2014/11/21/6 (string)

}

12 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html (string)

}

13 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/71206 (string)

}

14 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Issue Tracking (string)

1 : Third Party Advisory (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=1166147 (string)

}

15 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://security.gentoo.org/glsa/201607-02 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://advisories.mageia.org/MGASA-2014-0534.html (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Issue Tracking (string)

1 : Permissions Required (string)

2 : Third Party Advisory (string)

]

url : http://bugs.exim.org/show_bug.cgi?id=1546 (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html (string)

}

22 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html (string)

}

23 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-0330.html (string)

}

24 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.exim.org/viewvc/pcre?view=revision&revision=1513 (string)

}

25 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:002 (string)

}

26 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:137 (string)

}

27 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://www.openwall.com/lists/oss-security/2014/11/21/6 (string)

}

28 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html (string)

}

29 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/71206 (string)

}

30 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Issue Tracking (string)

1 : Third Party Advisory (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=1166147 (string)

}

31 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://security.gentoo.org/glsa/201607-02 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-119 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2015:0330", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "pcre-0:8.32-14.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-03-05T00:00:00Z"}], "bugzilla": {"description": "pcre: incorrect handling of zero-repeat assertion conditions", "id": "1166147", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166147"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "verified"}, "cwe": "CWE-119", "details": ["Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.", "A flaw was found in the way PCRE handled certain malformed regular expressions. This issue could cause an application (for example, Konqueror) linked against PCRE to crash while parsing malicious regular expressions."], "name": "CVE-2014-8964", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "pcre", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "pcre", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Will not fix", "package_name": "php54-php", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Will not fix", "package_name": "php55-php", "product_name": "Red Hat Software Collections"}], "public_date": "2014-11-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-8964\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-8964"], "threat_severity": "Low"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2015:0330 (string)

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

package : pcre-0:8.32-14.el7 (string)

product_name : Red Hat Enterprise Linux 7 (string)

release_date : 2015-03-05T00:00:00Z (string)

}

]

bugzilla : { »

description : pcre: incorrect handling of zero-repeat assertion conditions (string)

id : 1166147 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=1166147 (string)

}

csaw : false (boolean)

cvss : { »

cvss_base_score : 4.3 (string)

cvss_scoring_vector : AV:N/AC:M/Au:N/C:N/I:N/A:P (string)

status : verified (string)

}

cwe : CWE-119 (string)

details : [ »

0 : Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats. (string)

1 : A flaw was found in the way PCRE handled certain malformed regular expressions. This issue could cause an application (for example, Konqueror) linked against PCRE to crash while parsing malicious regular expressions. (string)

]

name : CVE-2014-8964 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

fix_state : Not affected (string)

package_name : pcre (string)

product_name : Red Hat Enterprise Linux 5 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Not affected (string)

package_name : pcre (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

2 : { »

cpe : cpe:/a:redhat:rhel_software_collections:2 (string)

fix_state : Will not fix (string)

package_name : php54-php (string)

product_name : Red Hat Software Collections (string)

}

3 : { »

cpe : cpe:/a:redhat:rhel_software_collections:2 (string)

fix_state : Will not fix (string)

package_name : php55-php (string)

product_name : Red Hat Software Collections (string)

}

]

public_date : 2014-11-18T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2014-8964 https://nvd.nist.gov/vuln/detail/CVE-2014-8964 (string)

]

threat_severity : Low (string)

}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object