Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5195

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-5195
Last Modified 06 Feb 2014 11:43:11
Published 17 Dec 2012 07:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5195

Summary

Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.

Vulnerable Systems

Application

  • Perl 5.12.0

  • Perl 5.12.1

  • Perl 5.12.2

  • Perl 5.12.3

  • Perl 5.12.4

  • Perl 5.14.0

  • Perl 5.14.1

  • Perl 5.14.2


References

UBUNTU - USN-1643-1

BID - 56287

MLIST - [oss-security] 20121027 Re: Medium severity flaw with Perl 5

MLIST - [oss-security] 20121026 Medium severity flaw with Perl 5

MLIST - [perl.perl5.porters] 20121010 maint-5.12, maint-5.14, and CVE-2012-5195

SECUNIA - 51457

CONFIRM - http://perl5.git.perl.org/perl.git/commit/2709980d5a193ce6f3a16f0d19879a6560dcde44

DEBIAN - DSA-2586

REDHAT - RHSA-2013:0685

SECUNIA - 55314

CONFIRM - https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0352

MANDRIVA - MDVSA-2013:113


Last Updated: 27 May 2016 10:57:37