Heap-based buffer overflow in PCRE 8.34 up to and including 8.37 and PCRE2 10.10 allows remote malicious users to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?P<B>c)(?P<B>a(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pcre pcre2 10.10 |
||
pcre pcre 8.34 |
||
pcre pcre 8.36 |
||
pcre pcre 8.37 |
||
pcre pcre 8.35 |