QwikSec

Security Database

CVE

CWE

Training

CVE-2007-3944

Published: Jul 23, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate CVE identifier.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://docs.info.apple.com/article.html?artnum=306173

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

iphone-safari-bo(35577)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_VUPEN

http://www.securityevaluators.com/iphone/

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

http://docs.info.apple.com/article.html?artnum=306174

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

http://www.nytimes.com/2007/07/23/technology/23iphone.html?_r=1&adxnnl=1&adxnnlx=1185163364-1OTsRJvbylLamj17FY2wnw&oref=slogin

x_refsource_MISC

vdb-entry

x_refsource_VUPEN

http://www.securityevaluators.com/iphone/exploitingiphone.pdf

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.