CVE Reference: CVE-2012-5195

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2012-5195

Description:
Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.

CVE Status:
Candidate

References:

UBUNTU
  http://www.ubuntu.com/usn/USN-1643-1

SAID
  Secunia Advisory: SA51457
  Secunia Advisory: SA55314

REDHAT
  http://rhn.redhat.com/errata/RHSA-2013-0685.html

MLIST
  http://www.nntp.perl.org/group/perl.perl5.porters/2012/10/msg193886.html
  http://www.openwall.com/lists/oss-security/2012/10/27/1
  http://www.openwall.com/lists/oss-security/2012/10/26/2

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDVSA-2013:113

DEBIAN
  http://www.debian.org/security/2012/dsa-2586

CONFIRM
  http://perl5.git.perl.org/perl.git/commit/2709980d5a193ce6f3a16f0d19879a6560dcde44

BID
  56287


Return to the previous page.