pcre

2010-08-09

Page content

Author: Miklos Vajna
Vulnerable: 8.01-1
Unaffected: 8.02-1locris1

Michael Santos has discovered a vulnerability in PCRE, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. The vulnerability is caused due to a boundary error within the “compile_branch()” function pcre_compile.c. This can be exploited to cause a stack-based buffer overflow via a specially crafted regular expression. Successful exploitation may allow execution of arbitrary code.

Bug Tracker URL: http://bugs.frugalware.org/task/4261

CVEs:

No CVE references, see http://bugs.exim.org/show_bug.cgi?id=962