PCRE Regular Expression Heap Overflow Vulnerability

PCRE is prone to a heap-overflow vulnerability. This issue is due to the library's failure to properly perform boundary checks on user-supplied input before copying data to an internal memory buffer.

The impact of successful exploitation of this vulnerability depends on the application and the user credentials using the vulnerable library. A successful attack may ultimately permit an attacker to control the contents of critical memory control structures and write arbitrary data to arbitrary memory locations.


 

Privacy Statement
Copyright 2010, SecurityFocus