[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-4347-1 perl -- perl

ID: oval:org.secpod.oval:def:53470Date: (C)2019-06-11   (M)2023-12-20
Class: PATCHFamily: unix




Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input. CVE-2018-18312 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow write during compilation, potentially allowing arbitrary code execution. CVE-2018-18313 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow read during compilation which leads to information leak. CVE-2018-18314 Jakub Wilk discovered that a specially crafted regular expression could lead to a heap-based buffer overflow.

Platform:
Linux Mint 3
Product:
perl
Reference:
DSA-4347-1
CVE-2018-18311
CVE-2018-18312
CVE-2018-18313
CVE-2018-18314
CVE    4
CVE-2018-18311
CVE-2018-18314
CVE-2018-18313
CVE-2018-18312
...
CPE    189
cpe:/a:perl:perl:5.12.1
cpe:/a:perl:perl:5.12.0
cpe:/a:perl:perl:0.71
cpe:/a:perl:perl:1.40
...

© SecPod Technologies