Back to search
CVE-2010-4777
Published: Feb 10, 2014
Modified: Aug 7, 2024
PUBLISHED
Description
The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
SUSE-SR:2011:009
vendor-advisory
x_refsource_SUSE
[Postfixbuch-users] 20110222 proxy-reject: END-OF-MESSAGE: 451 4.3.0 Error: queue file write error
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=694166
x_refsource_MISC
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628836
x_refsource_MISC
http://forums.ocsinventory-ng.org/viewtopic.php?id=7215
x_refsource_MISC
https://rt.perl.org/Public/Bug/Display.html?id=76538
x_refsource_CONFIRM
openSUSE-SU-2011:0479
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now