Perl-Compatible Regular Expression (PCRE) library prior to 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent malicious users to cause a denial of service (PCRE or glibc crash) via crafted regular expressions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pcre pcre |