CVE-2008-1927

Published: 24/04/2008 Updated: 11/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Double free vulnerability in Perl 5.8.8 allows context-dependent malicious users to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.

Vulnerable Product

perl perl 5.8.8

Vendor Advisories

Debian Bug report logs - #454792: double free and segfault on utf8 containing regexes. Package: perl; Maintainer for perl is Niko Tyni <ntyni@debian.org>; Source for perl is src:perl (PTS, buildd, popcon). Reported by: Don Armstrong <don@debian.org>. Date: Fri, 7 Dec 2007 22:06:04 UTC. Severity: important. Tags: etch, pa ...

Jonathan Smith discovered that the Archive::Tar Perl module did not correctly handle symlinks when extracting archives. If a user or automated system were tricked into opening a specially crafted tar file, a remote attacker could over-write arbitrary files (CVE-2007-4829) ...

USN-700-1 fixed vulnerabilities in Perl. Due to problems with the Ubuntu 8.04 build, some Perl .ph files were missing from the resulting update. This update fixes the problem. We apologize for the inconvenience ...

It has been discovered that the Perl interpreter may encounter a buffer overflow condition when compiling certain regular expressions containing Unicode characters. This also happens if the offending characters are contained in a variable reference protected by the \Q...\E quoting construct. When encountering this condition, the Perl interpreter ty ...

References

CWE-399
http://rt.perl.org/rt3/Public/Bug/Display.html?id=48156
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792
http://www.debian.org/security/2008/dsa-1556
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00601.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00607.html
http://www.gentoo.org/security/en/glsa/glsa-200805-17.xml
http://www.securityfocus.com/bid/28928
http://secunia.com/advisories/29948
http://secunia.com/advisories/30025
http://secunia.com/advisories/30326
http://www.securitytracker.com/id?1020253
http://www.redhat.com/support/errata/RHSA-2008-0522.html
http://secunia.com/advisories/30624
http://support.avaya.com/elmodocs2/security/ASA-2008-317.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-361.htm
http://www.ipcop.org/index.php?name=News&file=article&sid=41
http://secunia.com/advisories/31467
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://secunia.com/advisories/31604
http://secunia.com/advisories/31208
http://secunia.com/advisories/31328
http://www.vmware.com/security/advisories/VMSA-2008-0013.html
http://www.redhat.com/support/errata/RHSA-2008-0532.html
http://secunia.com/advisories/31687
http://osvdb.org/44588
http://www.mandriva.com/security/advisories?name=MDVSA-2008:100
http://www.ubuntu.com/usn/usn-700-1
http://secunia.com/advisories/33314
http://wiki.rpath.com/Advisories:rPSA-2009-0011
http://www.ubuntu.com/usn/usn-700-2
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://secunia.com/advisories/33937
http://support.apple.com/kb/HT3438
http://www.vupen.com/english/advisories/2009/0422
http://www.vupen.com/english/advisories/2008/2361
http://www.vupen.com/english/advisories/2008/2424
http://www.vupen.com/english/advisories/2008/2265/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41996
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10579
http://www.securityfocus.com/archive/1/500210/100/0/threaded
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792
https://nvd.nist.gov
https://usn.ubuntu.com/700-1/