FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

pcre -- stack buffer overflow

Affected packages
pcre < 8.38
pcre2 < 10.20_1

Details

VuXML ID 7033b42d-ef09-11e5-b766-14dae9d210b8
Discovery 2016-02-09
Entry 2016-03-21
Modified 2016-03-21

Philip Hazel reports:

PCRE does not validate that handling the (*ACCEPT) verb will occur within the bounds of the cworkspace stack buffer, leading to a stack buffer overflow.

[source]

References

CVE Name CVE-2016-3191
URL https://bugs.exim.org/show_bug.cgi?id=1791

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.