Page 6 of 40 results (0.014 seconds)

CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 1

Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service (stack consumption and application crash) by matching a crafted regular expression against a long string. Desbordamiento de entero en el motor de expresiones regulares de Perl v5.8.x permite a atacantes dependiendo del contexto provocar una denegación de servicio (consumo de la pila y caída de la aplicación) cotejando una expresión regular modificada contra una cadena de texto extensa. • http://bugs.gentoo.org/show_bug.cgi?id=313565 http://perldoc.perl.org/perl5100delta.html http://secunia.com/advisories/55314 http://www.openwall.com/lists/oss-security/2010/04/08/9 http://www.openwall.com/lists/oss-security/2010/04/14/3 https://bugzilla.redhat.com/show_bug.cgi?id=580605 • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 3%CPEs: 51EXPL: 0

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. Desbordamiento de búfer en el soporte opcode polimórfico del Motor de Expresiones Regulares (regcomp.c) en Perl 5.8 permite a atacantes dependientes de contexto ejecutar código de su elección cambiando de byte a caracteres Unicode (UTF) en una expresión regular. • ftp://aix.software.ibm.com/aix/efixes/security/README http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://lists.vmware.com/pipermail/security-announce/2008/000002.html http://marc.info/?l=bugtraq&m=120352263023774&w=2 http://secunia.com/advisories/27479 http://secunia.com/advisories/27515 http://secunia.com/advisories/27531 http://secunia.com/advisories/27546 http://secunia.com/advisories/27548 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 17EXPL: 0

Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. • http://secunia.com/advisories/17232 http://secunia.com/advisories/55314 http://www.gentoo.org/security/en/glsa/glsa-200510-14.xml http://www.osvdb.org/20086 http://www.securityfocus.com/bid/15120 http://www.vupen.com/english/advisories/2005/2119 •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0

Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications. • ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/001_perl.patch ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056 http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://marc.info/?l=full-disclosure&m=113342788118630&w=2 http://secunia. • CWE-189: Numeric Errors •

CVSS: 1.2EPSS: 0%CPEs: 4EXPL: 0

Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452. • ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056 http://fedoranews.org/updates/FEDORA--.shtml http://secunia.com/advisories/14531 http://secunia.com/advisories/17079 http://secunia.com/advisories/18075 http://secunia.com/advisories/18517 http://secunia.com/advisories/55314 http://www.debian.org/security/2005/dsa-696 http://www.gentoo.org/security/en/glsa/glsa-200501-38.xml http:/&# •