CVE-2015-2305

Severity

68%

Complexity

86%

Confidentiality

106%

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

First reported 9 years ago

2015-03-30 10:59:00

Last updated 6 years ago

2018-10-30 16:27:00

Affected Software

rxspencer project rxspencer 3.8.g5

3.8.g5

Debian Linux 7.0

7.0

OpenSUSE 13.1

13.1

OpenSUSE 13.2

13.2

References

http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html

APPLE-SA-2015-09-30-3

SUSE-SU-2015:0868

SUSE-SU-2015:0946

openSUSE-SU-2015:0644

openSUSE-SU-2015:0906

SSRT102066

[oss-security] 20150207 Spencer regexp heap overflow?

[oss-security] 20150311 Re: CVE request: spencer regexp

http://php.net/ChangeLog-5.php

RHSA-2015:1053

RHSA-2015:1066

DSA-3195

VU#695940

Third Party Advisory, US Government Resource

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

72611

1031947

USN-2572-1

USN-2594-1

https://guidovranken.wordpress.com/2015/02/04/full-disclosure-heap-overflow-in-h-spencers-regex-library-on-32-bit-systems/

Exploit

https://support.apple.com/HT205267

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.