MGASA-2017-0454

Source
https://advisories.mageia.org/MGASA-2017-0454.html
Import Source
https://advisories.mageia.org/MGASA-2017-0454.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2017-0454
Published
2017-12-21T17:43:29Z
Modified
2017-12-21T17:10:28Z
Summary
Updated pcre packages fix security vulnerabilities
Details

The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression (CVE-2017-6004).

A vulnerability was found in pcre caused by trying to find a Unicode property for a code value greater than 0x10ffff, the Unicode maximum, when running in non-UTF mode (where character values can be up to 0xffffffff) (CVE-2017-7186).

The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file (CVE-2017-7244).

Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file (CVE-2017-7245).

Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file (CVE-2017-7246).

Affected packages

Mageia:6 / pcre

Package

Name
pcre
Purl
pkg:rpm/mageia/pcre?distro=mageia-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8.41-1.mga6

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / pcre

Package

Name
pcre
Purl
pkg:rpm/mageia/pcre?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8.41-1.mga5

Ecosystem specific

{
    "section": "core"
}