SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2007-5116

Date: (C)2007-11-07 (M)2023-12-22

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL

Reference:

SECTRACK-1018899

SUNALERT-1018985

http://www.securityfocus.com/archive/1/483563/100/0/threaded

http://www.securityfocus.com/archive/1/483584/100/0/threaded

http://www.securityfocus.com/archive/1/485936/100/0/threaded

http://www.securityfocus.com/archive/1/486859/100/0/threaded

SUNALERT-231524

APPLE-SA-2007-12-17

OpenPKG-SA-2007.023

SUSE-SR:2007:024

http://lists.vmware.com/pipermail/security-announce/2008/000002.html

ftp://aix.software.ibm.com/aix/efixes/security/README

http://docs.info.apple.com/article.html?artnum=307179

http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm

http://www.ipcop.org/index.php?name=News&file=article&sid=41

http://www.vmware.com/security/advisories/VMSA-2008-0001.html

https://bugzilla.redhat.com/show_bug.cgi?id=323571

https://bugzilla.redhat.com/show_bug.cgi?id=378131

https://issues.rpath.com/browse/RPL-1813

oval:org.mitre.oval:def:10669

perl-unicode-bo(38270)

cpe:/o:debian:debian_linux:3.1
cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0
cpe:/o:mandrakesoft:mandrake_linux:2007
cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0
...

oval:org.secpod.oval:def:1100051

© SecPod Technologies