CVE-2017-6004 in PCREinfo

Summary

The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

02/15/2017

Disclosure

02/16/2017

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-125 (Confirmed)

CVSS

6.4

EPSS

0.04081

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-6004
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-6004
CVE Details	https://www.cvedetails.com/cve/CVE-2017-6004/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!