[v2.7] pcre: PCRE Library Call Stack Overflow Vulnerability in match() (CVE-2015-3217)
Latest version of PCRE is prone to a Stack Overflow vulnerability which could caused by the following regular expression.
/\\.|([\\\\W_])?))$/
Affected
PCRE 8.33, 8.34, 8.35, 8.36, 8.37 are confirmed to be vulnerable.
PCRE2 10.10 is also confirmed to be vulnerable.
Other applications may also be affected.
Reference: https://bugs.exim.org/show\_bug.cgi?id=1638
(from redmine: issue id 4288, created on 2015-06-10, closed on 2017-09-05)
- Relations:
- parent #4287