CVE-2010-4777

The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:perl:perl:5.10:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:5.12.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:5.14.0:*:*:*:*:*:*:*

History

21 Nov 2024, 01:21

Type Values Removed Values Added
References () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628836 - () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628836 -
References () http://forums.ocsinventory-ng.org/viewtopic.php?id=7215 - () http://forums.ocsinventory-ng.org/viewtopic.php?id=7215 -
References () http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html - () http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html -
References () http://lists.opensuse.org/opensuse-updates/2011-05/msg00025.html - () http://lists.opensuse.org/opensuse-updates/2011-05/msg00025.html -
References () https://bugzilla.redhat.com/show_bug.cgi?id=694166 - () https://bugzilla.redhat.com/show_bug.cgi?id=694166 -
References () https://listi.jpberlin.de/pipermail/postfixbuch-users/2011-February/055885.html - () https://listi.jpberlin.de/pipermail/postfixbuch-users/2011-February/055885.html -
References () https://rt.perl.org/Public/Bug/Display.html?id=76538 - () https://rt.perl.org/Public/Bug/Display.html?id=76538 -

Information

Published : 2014-02-10 18:15

Updated : 2024-11-21 01:21


NVD link : CVE-2010-4777

Mitre link : CVE-2010-4777

CVE.ORG link : CVE-2010-4777


JSON object : View

Products Affected

perl

  • perl
CWE
CWE-20

Improper Input Validation