Denial of Service Vulnerability in Perl's regexec.c

Denial of Service Vulnerability in Perl's regexec.c

CVE-2015-8853 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."

Learn more about our Web Application Penetration Testing UK.