PCRE is prone to a local stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition.
PCRE 8.41 is vulnerable; other versions may also be affected.
Information
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.