CVE-2017-12883CVE-2017-12883

Affected configuration(s):

cpe:/a:perl:perl:5.24.2
cpe:/a:perl:perl:5.26.0

Date published: 2017-09-19T14:29:00.197-04:00

Date last modified: 2017-11-04T21:29:00.693-04:00

CVSS Score: 6.4

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://mirror.cucumberlinux.com/cucumber/cucumber-1.0/source/lang-base/perl/patches/CVE-2017-12883.patch

Summary: Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid ‘N{U+…}’ escape.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.