CVE-2008-2371
CVE-2008-2371 is a high-severity vulnerability in Pcre with a CVSS 2.0 base score of 7.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-787.
Key facts
- Severity: High (CVSS 2.0 base score 7.5)
- EPSS exploit prediction: 7% (93rd percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-787
- Affected product: Pcre
- Published:
- Last modified:
Description
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.
Frequently asked questions
- What is CVE-2008-2371?
- Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.
- How severe is CVE-2008-2371?
- CVE-2008-2371 has a CVSS 2.0 base score of 7.5, rated high severity.
- Is CVE-2008-2371 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 7% (93rd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2008-2371?
- CVE-2008-2371 primarily affects Pcre. In total, 11 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2008-2371?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2008-2371 published?
- CVE-2008-2371 was published on 2008-07-07 and last updated on 2026-06-16.
References
- http://bugs.gentoo.org/show_bug.cgi?id=228091
- http://ftp.gnome.org/pub/GNOME/sources/glib/2.16/glib-2.16.4.changes
- http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
- http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
- http://marc.info/?l=bugtraq&m=124654546101607&w=2
- http://marc.info/?l=bugtraq&m=125631037611762&w=2
- http://secunia.com/advisories/30916
- http://secunia.com/advisories/30944
- http://secunia.com/advisories/30945
- http://secunia.com/advisories/30958
- http://secunia.com/advisories/30961
- http://secunia.com/advisories/30967
- http://secunia.com/advisories/30972
- http://secunia.com/advisories/30990
- http://secunia.com/advisories/31200
- http://secunia.com/advisories/32222
- http://secunia.com/advisories/32454
- http://secunia.com/advisories/32746
- http://secunia.com/advisories/35074
- http://secunia.com/advisories/35650
- http://secunia.com/advisories/39300
- http://security.gentoo.org/glsa/glsa-200811-05.xml
- http://support.apple.com/kb/HT3216
- http://support.apple.com/kb/HT3549
- http://ubuntu.com/usn/usn-624-2
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0305
- http://www.debian.org/security/2008/dsa-1602
- http://www.gentoo.org/security/en/glsa/glsa-200807-03.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:147
Affected products (11)
- cpe:2.3:a:pcre:pcre:7.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
More vulnerabilities in Pcre
- CVE-2015-3210 — Critical (CVSS 9.8): Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code…
- CVE-2016-3191 — Critical (CVSS 9.8): The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22…
- CVE-2016-1283 — Critical (CVSS 9.8): The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the…
- CVE-2015-8391 — Critical (CVSS 9.8): The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote…
- CVE-2015-5073 — Critical (CVSS 9.1): Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote…
- CVE-2015-2325 — High (CVSS 7.8): The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a…
Other CWE-787 (Out-of-bounds Write) vulnerabilities
- CVE-2026-42369 — Critical (CVSS 10.0): GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other…
- CVE-2026-4746 — Critical (CVSS 10.0): Out-of-bounds Write vulnerability in timeplus-io proton (base/poco/Foundation/src modules). This vulnerability is…
- CVE-2025-43300 — Critical (CVSS 10.0): An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS…
- CVE-2025-24201 — Critical (CVSS 10.0): An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in…
- CVE-2024-42479 — Critical (CVSS 10.0): llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause…
- CVE-2024-39791 — Critical (CVSS 10.0): Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge…
Browse all CWE-787 (Out-of-bounds Write) vulnerabilities →
Threat intelligence
Threat-intel indicators referencing this CVE:
- 76.133.97.153 (ipv4-addr)
- 171.100.156.38 (ipv4-addr)