CVE-2017-12837CVE-2017-12837

Affected configuration(s):

cpe:/a:perl:perl:5.24.2
cpe:/a:perl:perl:5.26.0

Date published: 2017-09-19T14:29:00.167-04:00

Date last modified: 2017-11-04T21:29:00.630-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://www.debian.org/security/2017/dsa-3982

Summary: Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a ‘N{}’ escape and the case-insensitive modifier.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.