CWE-624
Executable Regular Expression Error
Description
The product uses a regular expression that either (1) contains an executable component with user-controlled inputs, or (2) allows a user to enable execution by inserting pattern modifiers.
Case (2) is possible in the PHP preg_replace() function, and possibly in other languages when a user-controlled input is inserted into a string that is later parsed as a regular expression.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Impact
Execute Unauthorized Code or Commands
Potential Mitigations
The regular expression feature in some languages allows inputs to be quoted or escaped before insertion, such as \Q and \E in Perl.
CVE-2006-2059Executable regexp in PHP by inserting "e" modifier into first argument to preg_replace
CVE-2005-3420Executable regexp in PHP by inserting "e" modifier into first argument to preg_replace
CVE-2006-2878Complex curly syntax inserted into the replacement argument to PHP preg_replace(), which uses the "/e" modifier
CVE-2006-2908Function allows remote attackers to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e (executable) modifier.
Applicable Platforms
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now