mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
917 B
917 B
CVE-2015-2305
Description
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.
POC
Reference
- http://www.kb.cert.org/vuls/id/695940
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html