Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2005-2491

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.

  • Published: Aug 23, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-2491
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
pcre / pcre 5.0 5.0.x
pcre / pcre 6.0 6.0.x
pcre / pcre 6.1 6.1.x