Security Advisory

CVE-2015-2327

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-12-02 01:00:00

Last updated 2024-08-06 05:10:16

Assigner mitre

State PUBLISHED

Description

PCRE before 8.36 mishandles the /(((a2)|(a*)g<-1>))*/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

← Browse all CVEs View on cve.org ↗