CVE-2014-8964
CVE-2014-8964
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://advisories.mageia.org/MGASA-2014-0534.htmlhttp://bugs.exim.org/show_bug.cgi?id=1546http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.htmlhttp://lists.opensuse.org/opensuse-updates/2015-05/msg00014.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0330.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1166147https://security.gentoo.org/glsa/201607-02http://www.exim.org/viewvc/pcre?view=revision&revision=1513http://www.mandriva.com/security/advisories?name=MDVSA-2015:002