Out-of-bounds Write in perl

Do your applications use this vulnerable package? Test your applications

Overview

An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.

References

CONFIRM
CVE Details
Debian Security Advisory
Debian Security Tracker
Gentoo Security Advisory
MISC
RHSA Security Advisory
Security Tracker
Security Tracker
Ubuntu CVE Tracker
Ubuntu Security Advisory

Attack Vector

Network
Attack Complexity

Low
Privileges Required

None
User Interaction

None
Scope

Unchanged
Confidentiality

High
Integrity

High
Availability

High

CVE: CVE-2018-6797
CWE: CWE-787
Snyk ID: SNYK-DEBIAN9-PERL-327700
Disclosed: 17 Apr, 2018
Published: 17 Apr, 2018

Out-of-bounds Write
Affecting perl package, versions <5.24.1-3+deb9u3

Overview

References

CVSS Score

Out-of-bounds Write Affecting perl package, versions <5.24.1-3+deb9u3

Overview

References

Out-of-bounds Write
Affecting perl package, versions <5.24.1-3+deb9u3