CVE-2015-2325

The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier.
References
Link Resource
https://bugs.exim.org/show_bug.cgi?id=1591 Exploit Issue Tracking Permissions Required Third Party Advisory
https://fortiguard.com/zeroday/FG-VD-15-015 Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html Mailing List Third Party Advisory
https://www.pcre.org/original/changelog.txt Release Notes Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Information

Published : 2020-01-14 09:15

Updated : 2022-08-05 07:29


NVD link : CVE-2015-2325

Mitre link : CVE-2015-2325


JSON object : View

CWE
CWE-125

Out-of-bounds Read

CWE-787

Out-of-bounds Write

Advertisement

dedicated server usa

Products Affected

opensuse

  • opensuse

mariadb

  • mariadb

pcre

  • pcre

php

  • php