Search for vulnerabilities
Vulnerability details: VCID-8kdb-ek5k-aaar
Vulnerability ID VCID-8kdb-ek5k-aaar
Aliases CVE-2006-7230
Summary Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service (PCRE or glibc crash) via crafted regular expressions.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2007:1059
rhas Important https://access.redhat.com/errata/RHSA-2007:1068
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.02478 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.03644 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
epss 0.05351 https://api.first.org/data/v1/epss?cve=CVE-2006-7230
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2006-7230
Reference id Reference type URL
http://bugs.gentoo.org/show_bug.cgi?id=198976
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7230.json
https://api.first.org/data/v1/epss?cve=CVE-2006-7230
https://bugzilla.redhat.com/show_bug.cgi?id=384801
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7230
http://secunia.com/advisories/27741
http://secunia.com/advisories/27773
http://secunia.com/advisories/28041
http://secunia.com/advisories/28406
http://secunia.com/advisories/28414
http://secunia.com/advisories/28658
http://secunia.com/advisories/28714
http://secunia.com/advisories/28720
http://secunia.com/advisories/30106
http://secunia.com/advisories/30155
http://secunia.com/advisories/30219
http://security.gentoo.org/glsa/glsa-200711-30.xml
http://security.gentoo.org/glsa/glsa-200801-02.xml
http://security.gentoo.org/glsa/glsa-200801-18.xml
http://security.gentoo.org/glsa/glsa-200801-19.xml
http://security.gentoo.org/glsa/glsa-200805-11.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10911
http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm
http://www.debian.org/security/2008/dsa-1570
http://www.mandriva.com/security/advisories?name=MDVSA-2008:030
http://www.novell.com/linux/security/advisories/2007_62_pcre.html
http://www.pcre.org/changelog.txt
http://www.redhat.com/support/errata/RHSA-2007-1059.html
http://www.redhat.com/support/errata/RHSA-2007-1068.html
http://www.securityfocus.com/bid/26550
cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*
CVE-2006-7230 https://nvd.nist.gov/vuln/detail/CVE-2006-7230
GLSA-200711-30 https://security.gentoo.org/glsa/200711-30
RHSA-2007:1059 https://access.redhat.com/errata/RHSA-2007:1059
RHSA-2007:1068 https://access.redhat.com/errata/RHSA-2007:1068
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2006-7230
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.83887
EPSS Score 0.02478
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.