Out-of-Bounds Read and Application Crash Vulnerability in PCRE
CVE-2017-6004 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.
Learn more about our Web Application Penetration Testing UK.