CVE-2015-2305
published 2015-03-30

Priority: P3 · 44 · medium
CVSS 2.0: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
EPSS: 8.37% (94.3th percentile)

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.

Affected

35 ranges · showing 25

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | os_x_el_capitan_v10.11 | | |
| canonical | ubuntu_linux | | |
| canonical | ubuntu_linux | | |
| canonical | ubuntu_linux | | |
| canonical | ubuntu_linux | | |
| canonical | ubuntu_linux | | |
| clamav | clamav | >= 0 < 0.98.7+dfsg-1 | 0.98.7+dfsg-1 |
| clamav | clamav | >= 0 < 0.98.7+dfsg-1 | 0.98.7+dfsg-1 |
| clamav | clamav | >= 0 < 0.98.7+dfsg-1 | 0.98.7+dfsg-1 |
| clamav | clamav | >= 0 < 0.98.7+dfsg-1 | 0.98.7+dfsg-1 |
| debian | alpine | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| debian | clamav | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| debian | cups | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| debian | debian_linux | | |
| debian | debian_linux | | |
| debian | efl | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| debian | haskell-regex-posix | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| debian | knews | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| debian | librcsb-core-wrapper | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| debian | newlib | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| debian | nvi | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| debian | radare2 | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| debian | sma | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| debian | vigor | < clamav 0.98.7+dfsg-1 (bookworm) | clamav 0.98.7+dfsg-1 (bookworm) |
| newlib_project | newlib | >= 0 < 2.0.0-1 | 2.0.0-1 |

CVSS provenance

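| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | | 6.8 | MEDIUM | |
| vendor_debian | | 6.8 | LOW | |
| vendor_redhat | | 6.8 | MEDIUM | |
| vendor_ubuntu | | 6.8 | MEDIUM | |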