what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2012-5195

Status Candidate

Overview

Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.

Related Files

Gentoo Linux Security Advisory 201401-11
Posted Jan 20, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-11 - Multiple vulnerabilities have been found in Perl and Locale::Maketext Perl module, the worst of which could allow a context-dependent attacker to execute arbitrary code. Versions less than 5.16.3 are affected.

tags | advisory, arbitrary, perl, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2728, CVE-2011-2939, CVE-2012-5195, CVE-2013-1667
SHA-256 | 92d8d5759a27b001185c6521fec4e8b39a433512603eecfa0564f8a319809a00
Mandriva Linux Security Advisory 2013-113
Posted Apr 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-113 - It was discovered that Perl's 'x' string repeat operator is vulnerable to a heap-based buffer overflow. An attacker could use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, perl
systems | linux, mandriva
advisories | CVE-2012-5195, CVE-2012-6329, CVE-2013-1667
SHA-256 | d121a52e5d21e1a1d884bfa0b4351192f0257e3310ec24006cce477233f1c93a
Red Hat Security Advisory 2013-0685-01
Posted Mar 26, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0685-01 - Perl is a high-level programming language commonly used for system administration utilities and web programming. A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A denial of service flaw was found in the way Perl's rehashing code implementation, responsible for recalculation of hash keys and redistribution of hash content, handled certain input. If an attacker supplied specially-crafted input to be used as hash keys by a Perl application, it could cause excessive memory consumption.

tags | advisory, web, denial of service, overflow, arbitrary, perl
systems | linux, redhat
advisories | CVE-2012-5195, CVE-2012-5526, CVE-2012-6329, CVE-2013-1667
SHA-256 | ac3fdd7299785f237b23d812f30be939d6a7f1979b5d7e5891f630a611337ac3
Mandriva Linux Security Advisory 2013-005
Posted Jan 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-005 - Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via the x string repeat operator. The updated packages have been patched to correct this issue.

tags | advisory, denial of service, overflow, arbitrary, perl
systems | linux, mandriva
advisories | CVE-2012-5195
SHA-256 | a30259c8c48c9d4f240f41c98a0bacfa483a7a6f42946a30309aa57aa4c6b8ec
Debian Security Advisory 2586-1
Posted Dec 12, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2586-1 - Two vulnerabilities were discovered in the implementation of the Perl programming language.

tags | advisory, perl, vulnerability
systems | linux, debian
advisories | CVE-2012-5195, CVE-2012-5526
SHA-256 | 76a3e485793224f6aa5ba668af28ee8d4ace03df744e5c0ad94b470ffdf4e131
Ubuntu Security Notice USN-1643-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1643-1 - It was discovered that the decode_xs function in the Encode module is vulnerable to a heap-based buffer overflow via a crafted Unicode string. An attacker could use this overflow to cause a denial of service. It was discovered that the 'new' constructor in the Digest module is vulnerable to an eval injection. An attacker could use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-2939, CVE-2011-3597, CVE-2012-5195, CVE-2012-5526, CVE-2011-2939, CVE-2011-3597, CVE-2012-5195, CVE-2012-5526
SHA-256 | 6c274eedfdb3da7dbb7671102ad6fe7a37edb74ba2b040227e902cbb757d04a1
Perl 5 Memory Corruption
Posted Oct 26, 2012
Authored by Tim Brown | Site nth-dimension.org.uk

The Perl 5 interpreter is vulnerable to a memory corruption vulnerability which results in memory disclosure and potentially arbitrary code execution when large values are supplied to the x operator.

tags | advisory, arbitrary, perl, code execution
advisories | CVE-2012-5195
SHA-256 | 553cb435fb55599355ceae80210dcc60509e0f1a51cae7259ce1394e8ef9ac7b
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close