Perl-Compatible Regular Expression (PCRE) library prior to 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pcre pcre |