pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression.
References
Link | Resource |
---|---|
https://vcs.pcre.org/pcre2?view=revision&revision=697 | Patch Vendor Advisory |
https://vcs.pcre.org/pcre2?view=revision&revision=696 | Patch Vendor Advisory |
https://bugs.exim.org/show_bug.cgi?id=2079 | Exploit Issue Tracking Third Party Advisory VDB Entry |
https://blogs.gentoo.org/ago/2017/04/29/libpcre-heap-based-buffer-overflow-write-in-pcre2test-c/ | Exploit Patch Third Party Advisory VDB Entry |
https://security.gentoo.org/glsa/201710-09 |
Configurations
Information
Published : 2017-05-04 17:29
Updated : 2017-10-09 18:30
NVD link : CVE-2017-8786
Mitre link : CVE-2017-8786
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
pcre
- pcre2