Description

pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client.

Remediation

References

CVE-2015-8393

Related Vulnerabilities

Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-45802)

WordPress Plugin WPtouch Open Redirect (3.4.9)

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-20330)

WordPress Plugin Contact Form Email Information Disclosure (1.2.66)

Internet Information Services Other Vulnerability (CVE-2001-0096)

Severity

High

Classification

CVE-2015-8393 CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities