Denial of Service Vulnerability in Webkit 2.4.11 due to Regex Code

Denial of Service Vulnerability in Webkit 2.4.11 due to Regex Code

CVE-2016-9643 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($ (open parenthesis and dollar) followed by {-2,16} and a large number of +) (plus close parenthesis).

Learn more about our Web App Pen Testing.