// For flags

CVE-2008-1927

perl: heap corruption by regular expressions with utf8 characters

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.

Vulnerabilidad de doble liberacioón en Perl 5.8.8 permite a los atacantes, dependiendo del contexto, causar una denegación de servicio (corrupción de memoria y caida) a través de expresiones regulares manipuladas conteniendo caracteres UTF8. NOTE: esta característica solo está presente en ciertos sistemas operativos.

Jonathan Smith discovered that the Archive::Tar Perl module did not correctly handle symlinks when extracting archives. If a user or automated system were tricked into opening a specially crafted tar file, a remote attacker could over-write arbitrary files. Tavis Ormandy and Will Drewry discovered that Perl did not correctly handle certain utf8 characters in regular expressions. If a user or automated system were tricked into using a specially crafted expression, a remote attacker could crash the application, leading to a denial of service. Ubuntu 8.10 was not affected by this issue. A race condition was discovered in the File::Path Perl module's rmtree function. If a local attacker successfully raced another user's call of rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06 and 8.10 were not affected by this issue. A race condition was discovered in the File::Path Perl module's rmtree function. If a local attacker successfully raced another user's call of rmtree, they could delete arbitrary files. Ubuntu 6.06 was not affected by this issue.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-04-23 CVE Reserved
  • 2008-04-23 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
CAPEC
References (42)
URL Tag Source
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792 X_refsource_confirm
http://osvdb.org/44588 Vdb Entry
http://rt.perl.org/rt3/Public/Bug/Display.html?id=48156 X_refsource_misc
http://secunia.com/advisories/29948 Third Party Advisory
http://secunia.com/advisories/30025 Third Party Advisory
http://secunia.com/advisories/30326 Third Party Advisory
http://secunia.com/advisories/30624 Third Party Advisory
http://secunia.com/advisories/31208 Third Party Advisory
http://secunia.com/advisories/31328 Third Party Advisory
http://secunia.com/advisories/31467 Third Party Advisory
http://secunia.com/advisories/31604 Third Party Advisory
http://secunia.com/advisories/31687 Third Party Advisory
http://secunia.com/advisories/33314 Third Party Advisory
http://secunia.com/advisories/33937 Third Party Advisory
http://support.apple.com/kb/HT3438 X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-317.htm X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-361.htm X_refsource_confirm
http://wiki.rpath.com/Advisories:rPSA-2009-0011 X_refsource_confirm
http://www.ipcop.org/index.php?name=News&file=article&sid=41 X_refsource_confirm
http://www.securityfocus.com/archive/1/500210/100/0/threaded Mailing List
http://www.securityfocus.com/bid/28928 Vdb Entry
http://www.securitytracker.com/id?1020253 Vdb Entry
http://www.vmware.com/security/advisories/VMSA-2008-0013.html X_refsource_confirm
http://www.vupen.com/english/advisories/2008/2265/references Vdb Entry
http://www.vupen.com/english/advisories/2008/2361 Vdb Entry
http://www.vupen.com/english/advisories/2008/2424 Vdb Entry
http://www.vupen.com/english/advisories/2009/0422 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/41996 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10579 Signature
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html 2018-10-11
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html 2018-10-11
http://www.debian.org/security/2008/dsa-1556 2018-10-11
http://www.gentoo.org/security/en/glsa/glsa-200805-17.xml 2018-10-11
http://www.mandriva.com/security/advisories?name=MDVSA-2008:100 2018-10-11
http://www.redhat.com/support/errata/RHSA-2008-0522.html 2018-10-11
http://www.redhat.com/support/errata/RHSA-2008-0532.html 2018-10-11
http://www.ubuntu.com/usn/usn-700-1 2018-10-11
http://www.ubuntu.com/usn/usn-700-2 2018-10-11
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00601.html 2018-10-11
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00607.html 2018-10-11
https://access.redhat.com/security/cve/CVE-2008-1927 2010-08-04
https://bugzilla.redhat.com/show_bug.cgi?id=443928 2010-08-04
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.8.8
Search vendor "Perl" for product "Perl" and version "5.8.8"
-
Affected