2 matches found
pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)
Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^?P=B?P=B?J:?Pc?Pa?P=BWGXCREDITS/, a different vulnerability than CVE-2015-8384...
PT-2015-6097 · Pcre +3 · Pcre2 +4
Name of the Vulnerable Software and Affected Versions: PCRE versions 8.34 through 8.37 PCRE2 version 10.10 Description: A heap-based buffer overflow issue allows remote attackers to execute arbitrary code via a crafted regular expression. Recommendations: For PCRE versions 8.34 through 8.37, upda...