CVE-2017-9227 in Onigurumainfo

Zusammenfassung (Englisch)

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservieren

24.05.2017

Veröffentlichung

24.05.2017

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

IDSchwachstelleCWEAusMasCVE
101757Oniguruma Regular Expression mbc_enc_len Information Disclosure125Nicht definiertOffizieller FixCVE-2017-9227

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!