[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-5195Date: (C)2012-12-20   (M)2023-12-22


Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECUNIA-51457
SECUNIA-55314
BID-56287
DSA-2586
MDVSA-2013:113
RHSA-2013:0685
USN-1643-1
http://www.openwall.com/lists/oss-security/2012/10/26/2
http://www.openwall.com/lists/oss-security/2012/10/27/1
[perl.perl5.porters]
http://www.nntp.perl.org/group/perl.perl5.porters/2012/10/msg193886.html
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
http://perl5.git.perl.org/perl.git/commit/2709980d5a193ce6f3a16f0d19879a6560dcde44
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0352

CPE    22
cpe:/a:perl:perl:5.12.3:rc3
cpe:/a:perl:perl:5.12.1
cpe:/a:perl:perl:5.12.3:rc2
cpe:/a:perl:perl:5.12.0
...
CWE    1
CWE-119
OVAL    10
oval:org.secpod.oval:def:302991
oval:org.secpod.oval:def:1600302
oval:org.secpod.oval:def:202651
oval:org.secpod.oval:def:202650
...

© SecPod Technologies