Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2015-8389 - Vulnerability Database
PHP

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2015-8389

Critical
Reference: CVE-2015-8389
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-8389
Title: PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Overview:

PCRE before 8.38 mishandles the /(:a)100x/ pattern and related patterns which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression as demonstrated by a JavaScript RegExp object encountered by Konqueror.