VWE-2015-1112 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2015-1112
This page is a chapter in Info Known Vulnerabilities

This page has been seen 234,940 times.

- Created by
  pegasus
  on May 1, 2015
  
  Last updated by
  pegasus
  on December 2, 2024

Common Name PCRE Backtrack Vulnerability
VWE-ID VWE-2015-1112
Related Report None
Severity HIGH
Exploit Difficulty Difficult
Platform Affects all platforms supported by the vulnerable versions.
Description Javascript injection.

Discovered February 19, 2015
Resolved April 13, 2015
Patches Available 4.0.3
Workaround
Learn what your PHP installation's configuration value is for pcre.backtrack_limit. This might appear in your php.ini file. If this does not appear in that file, the default value is as follows:

For PHP 5.3.8 and higher: the value is 1,000,000
For PHP 5.3.7 and lower: the value is 100,000
Check the following VaultWiki settings:

VaultWiki: Content Types > Maximum Characters in Page Content
VaultWiki: Content Types > Maximum Characters in Discussion Comments
Make sure that the values of each setting is set to a lower amount than your pcre.backtrack_limit. If one of the settings is higher, you should lower it to maintain the security of your installation, or increase pcre.backtrack_limit to a value higher than each setting.
Check your Special:LongPages page for existing pages that are longer than pcre.backtrack_limit.
These pages remain a vector for attack while they are longer than this limit. You must shorten these pages.
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.

Common Name	PCRE Backtrack Vulnerability
VWE-ID	VWE-2015-1112
Related Report	None
Severity	HIGH
Exploit Difficulty	Difficult
Platform	Affects all platforms supported by the vulnerable versions.
Description	Javascript injection.
Discovered	February 19, 2015
Resolved	April 13, 2015
Patches Available	4.0.3
Workaround	Learn what your PHP installation's configuration value is for pcre.backtrack_limit. This might appear in your php.ini file. If this does not appear in that file, the default value is as follows: For PHP 5.3.8 and higher: the value is 1,000,000 For PHP 5.3.7 and lower: the value is 100,000 Check the following VaultWiki settings: VaultWiki: Content Types > Maximum Characters in Page Content VaultWiki: Content Types > Maximum Characters in Discussion Comments Make sure that the values of each setting is set to a lower amount than your pcre.backtrack_limit. If one of the settings is higher, you should lower it to maintain the security of your installation, or increase pcre.backtrack_limit to a value higher than each setting. Check your Special:LongPages page for existing pages that are longer than pcre.backtrack_limit. These pages remain a vector for attack while they are longer than this limit. You must shorten these pages.