perl 5.003_06 Deleted
Security Advisories
CVE-2011-2728
The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference.
- http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069752.html
- http://www.securityfocus.com/bid/49858
- http://cpansearch.perl.org/src/FLORA/perl-5.14.2/pod/perldelta.pod
- http://perl5.git.perl.org/perl.git/commit/1af4051e077438976a4c12a0622feaf6715bec77
- http://secunia.com/advisories/46172
- https://blogs.oracle.com/sunsecurity/entry/cve_2011_2728_denial_of1
- https://bugzilla.redhat.com/show_bug.cgi?id=742987
Reported: 2012-12-21
CVE-2020-12723
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
- https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3
- https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod
- https://github.com/Perl/perl5/issues/16947
- https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a
- https://github.com/Perl/perl5/issues/17743
- https://security.netapp.com/advisory/ntap-20200611-0001/
- https://security.gentoo.org/glsa/202006-03
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
Fixed version: >=5.30.3
Severity: high
Reported: 2020-06-05
CVE-2020-10878
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
- https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3
- https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c
- https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8
- https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod
- https://security.netapp.com/advisory/ntap-20200611-0001/
- https://security.gentoo.org/glsa/202006-03
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
Fixed version: >=5.30.3
Severity: high
Reported: 2020-06-05
CVE-2020-10543
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
- https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3
- https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed
- https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod
- https://security.netapp.com/advisory/ntap-20200611-0001/
- https://security.gentoo.org/glsa/202006-03
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
Fixed version: >=5.30.3
Severity: high
Reported: 2020-06-05
CVE-2018-6913
Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.
- https://www.debian.org/security/2018/dsa-4172
- https://rt.perl.org/Public/Bug/Display.html?id=131844
- https://lists.debian.org/debian-lts-announce/2018/04/msg00009.html
- http://www.securitytracker.com/id/1040681
- https://usn.ubuntu.com/3625-2/
- https://usn.ubuntu.com/3625-1/
- http://www.securityfocus.com/bid/103953
- https://security.gentoo.org/glsa/201909-01
- https://www.oracle.com/security-alerts/cpujul2020.html
Fixed version: >=5.26.2
Severity: critical
Reported: 2018-04-17
CVE-2018-18314
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
- https://www.debian.org/security/2018/dsa-4347
- https://rt.perl.org/Ticket/Display.html?id=131649
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWQGEB543QN7SSBRKYJM6PSOC3RLYGSM/
- https://github.com/Perl/perl5/commit/19a498a461d7c81ae3507c450953d1148efecf4f
- https://bugzilla.redhat.com/show_bug.cgi?id=1646751
- http://www.securitytracker.com/id/1042181
- https://usn.ubuntu.com/3834-1/
- http://www.securityfocus.com/bid/106145
- https://access.redhat.com/errata/RHSA-2019:0010
- https://access.redhat.com/errata/RHSA-2019:0001
- https://security.netapp.com/advisory/ntap-20190221-0003/
- https://security.gentoo.org/glsa/201909-01
- https://www.oracle.com/security-alerts/cpujul2020.html
Fixed version: >=5.26.3
Severity: critical
Reported: 2018-12-07
CVE-2018-18313
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
- https://www.debian.org/security/2018/dsa-4347
- https://usn.ubuntu.com/3834-2/
- https://rt.perl.org/Ticket/Display.html?id=133192
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWQGEB543QN7SSBRKYJM6PSOC3RLYGSM/
- https://github.com/Perl/perl5/commit/43b2f4ef399e2fd7240b4eeb0658686ad95f8e62
- https://bugzilla.redhat.com/show_bug.cgi?id=1646738
- http://www.securitytracker.com/id/1042181
- https://usn.ubuntu.com/3834-1/
- https://access.redhat.com/errata/RHSA-2019:0010
- https://access.redhat.com/errata/RHSA-2019:0001
- https://security.netapp.com/advisory/ntap-20190221-0003/
- https://support.apple.com/kb/HT209600
- https://seclists.org/bugtraq/2019/Mar/42
- http://seclists.org/fulldisclosure/2019/Mar/49
- https://security.gentoo.org/glsa/201909-01
- https://www.oracle.com/security-alerts/cpujul2020.html
Fixed version: >=5.26.3
Severity: critical
Reported: 2018-12-07
CVE-2018-18312
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
- https://www.debian.org/security/2018/dsa-4347
- https://rt.perl.org/Public/Bug/Display.html?id=133423
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWQGEB543QN7SSBRKYJM6PSOC3RLYGSM/
- https://bugzilla.redhat.com/show_bug.cgi?id=1646734
- http://www.securitytracker.com/id/1042181
- https://usn.ubuntu.com/3834-1/
- http://www.securityfocus.com/bid/106179
- https://access.redhat.com/errata/RHSA-2019:0010
- https://access.redhat.com/errata/RHSA-2019:0001
- https://security.netapp.com/advisory/ntap-20190221-0003/
- https://security.gentoo.org/glsa/201909-01
- https://www.oracle.com/security-alerts/cpujul2020.html
Fixed version: >=5.28.1
Severity: critical
Reported: 2018-12-05
CVE-2018-18311
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
- https://www.debian.org/security/2018/dsa-4347
- https://usn.ubuntu.com/3834-2/
- https://rt.perl.org/Ticket/Display.html?id=133204
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWQGEB543QN7SSBRKYJM6PSOC3RLYGSM/
- https://lists.debian.org/debian-lts-announce/2018/11/msg00039.html
- https://github.com/Perl/perl5/commit/34716e2a6ee2af96078d62b065b7785c001194be
- https://bugzilla.redhat.com/show_bug.cgi?id=1646730
- http://www.securitytracker.com/id/1042181
- https://usn.ubuntu.com/3834-1/
- http://www.securityfocus.com/bid/106145
- https://access.redhat.com/errata/RHSA-2019:0010
- https://access.redhat.com/errata/RHSA-2019:0001
- https://access.redhat.com/errata/RHSA-2019:0109
- https://security.netapp.com/advisory/ntap-20190221-0003/
- https://support.apple.com/kb/HT209600
- https://seclists.org/bugtraq/2019/Mar/42
- http://seclists.org/fulldisclosure/2019/Mar/49
- https://kc.mcafee.com/corporate/index?page=content&id=SB10278
- https://access.redhat.com/errata/RHBA-2019:0327
- https://access.redhat.com/errata/RHSA-2019:1790
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
- https://access.redhat.com/errata/RHSA-2019:1942
- https://access.redhat.com/errata/RHSA-2019:2400
- https://security.gentoo.org/glsa/201909-01
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/security-alerts/cpujul2020.html
Fixed version: >=5.28.1
Severity: critical
Reported: 2018-12-07
CVE-2017-12883
Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\\N{U+...}' escape.
- https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1
- https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1
- https://perl5.git.perl.org/perl.git/commitdiff/2be4edede4ae226e2eebd4eff28cedd2041f300f#patch1
- https://bugzilla.redhat.com/show_bug.cgi?id=1492093
- http://www.securityfocus.com/bid/100852
- http://mirror.cucumberlinux.com/cucumber/cucumber-1.0/source/lang-base/perl/patches/CVE-2017-12883.patch
- https://rt.perl.org/Public/Bug/Display.html?id=131598
- http://www.debian.org/security/2017/dsa-3982
- https://security.netapp.com/advisory/ntap-20180426-0001/
- https://www.oracle.com/security-alerts/cpujul2020.html
Fixed version: >=5.26.1
Severity: critical
Reported: 2017-09-19
CVE-2017-12837
Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\\N{}' escape and the case-insensitive modifier.
- https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1
- https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1
- https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5
- https://bugzilla.redhat.com/show_bug.cgi?id=1492091
- http://www.securityfocus.com/bid/100860
- https://rt.perl.org/Public/Bug/Display.html?id=131582
- http://www.debian.org/security/2017/dsa-3982
- https://security.netapp.com/advisory/ntap-20180426-0001/
- https://www.oracle.com/security-alerts/cpujul2020.html
Fixed version: >=5.28.1
Severity: high
Reported: 2017-09-19
CVE-2015-8853
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."
- http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183592.html
- http://www.openwall.com/lists/oss-security/2016/04/20/7
- https://bugzilla.redhat.com/show_bug.cgi?id=1329106
- https://rt.perl.org/Public/Bug/Display.html?id=123562
- http://www.openwall.com/lists/oss-security/2016/04/20/5
- http://perl5.git.perl.org/perl.git/commitdiff/22b433eff9a1ffa2454e18405a56650f07b385b5
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.securityfocus.com/bid/86707
- https://security.gentoo.org/glsa/201701-75
- https://usn.ubuntu.com/3625-2/
- https://usn.ubuntu.com/3625-1/
Fixed version: >=5.24.0
Severity: high
Reported: 2016-05-25
CVE-2013-1667
The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.
- http://www.securityfocus.com/bid/58311
- http://perl5.git.perl.org/perl.git/commitdiff/d59e31f
- http://perl5.git.perl.org/perl.git/commitdiff/9d83adc
- http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html
- http://www.debian.org/security/2013/dsa-2641
- http://secunia.com/advisories/52499
- http://secunia.com/advisories/52472
- https://bugzilla.redhat.com/show_bug.cgi?id=912276
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702296
- http://perl5.git.perl.org/perl.git/commitdiff/6e79fe5
- http://osvdb.org/90892
- http://www.ubuntu.com/usn/USN-1770-1
- http://rhn.redhat.com/errata/RHSA-2013-0685.html
- http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
- http://marc.info/?l=bugtraq&m=137891988921058&w=2
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:113
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0094
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82598
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18771
Fixed version: >=5.26.1
Reported: 2013-03-14
CVE-2010-4777
The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash.
- http://lists.opensuse.org/opensuse-updates/2011-05/msg00025.html
- https://bugzilla.redhat.com/show_bug.cgi?id=694166
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628836
- https://rt.perl.org/Public/Bug/Display.html?id=76538
- https://listi.jpberlin.de/pipermail/postfixbuch-users/2011-February/055885.html
- http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
- http://forums.ocsinventory-ng.org/viewtopic.php?id=7215
Fixed version: >5.14.0
Reported: 2014-02-10
CVE-2010-1158
Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service (stack consumption and application crash) by matching a crafted regular expression against a long string.
- http://bugs.gentoo.org/show_bug.cgi?id=313565
- http://www.openwall.com/lists/oss-security/2010/04/14/3
- http://perldoc.perl.org/perl5100delta.html
- http://www.openwall.com/lists/oss-security/2010/04/08/9
- https://bugzilla.redhat.com/show_bug.cgi?id=580605
- http://secunia.com/advisories/55314
Fixed version: >=5.10.0
Reported: 2010-04-20
CVE-2009-3626
Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match.
- http://securitytracker.com/id?1023077
- http://www.vupen.com/english/advisories/2009/3023
- http://perl5.git.perl.org/perl.git/commit/0abd0d78a73da1c4d13b1c700526b7e5d03b32d4
- http://www.securityfocus.com/bid/36812
- https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6225
- http://rt.perl.org/rt3/Ticket/Attachment/617489/295383/
- http://www.osvdb.org/59283
- http://www.openwall.com/lists/oss-security/2009/10/23/8
- http://secunia.com/advisories/37144
- http://rt.perl.org/rt3/Public/Bug/Display.html?id=69973
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53939
Reported: 2009-10-29
CVE-2008-1927
Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.
- http://rt.perl.org/rt3/Public/Bug/Display.html?id=48156
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792
- http://www.debian.org/security/2008/dsa-1556
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00601.html
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00607.html
- http://www.gentoo.org/security/en/glsa/glsa-200805-17.xml
- http://www.securityfocus.com/bid/28928
- http://secunia.com/advisories/29948
- http://secunia.com/advisories/30025
- http://secunia.com/advisories/30326
- http://www.securitytracker.com/id?1020253
- http://www.redhat.com/support/errata/RHSA-2008-0522.html
- http://secunia.com/advisories/30624
- http://support.avaya.com/elmodocs2/security/ASA-2008-317.htm
- http://support.avaya.com/elmodocs2/security/ASA-2008-361.htm
- http://www.ipcop.org/index.php?name=News&file=article&sid=41
- http://secunia.com/advisories/31467
- http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
- http://secunia.com/advisories/31604
- http://secunia.com/advisories/31208
- http://secunia.com/advisories/31328
- http://www.vmware.com/security/advisories/VMSA-2008-0013.html
- http://www.redhat.com/support/errata/RHSA-2008-0532.html
- http://secunia.com/advisories/31687
- http://osvdb.org/44588
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:100
- http://www.ubuntu.com/usn/usn-700-1
- http://secunia.com/advisories/33314
- http://wiki.rpath.com/Advisories:rPSA-2009-0011
- http://www.ubuntu.com/usn/usn-700-2
- http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
- http://secunia.com/advisories/33937
- http://support.apple.com/kb/HT3438
- http://www.vupen.com/english/advisories/2009/0422
- http://www.vupen.com/english/advisories/2008/2361
- http://www.vupen.com/english/advisories/2008/2424
- http://www.vupen.com/english/advisories/2008/2265/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41996
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10579
- http://www.securityfocus.com/archive/1/500210/100/0/threaded
Reported: 2008-04-24
CVE-2005-3962
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
- http://www.dyadsecurity.com/perl-0002.html
- http://www.kb.cert.org/vuls/id/948385
- http://www.securityfocus.com/bid/15629
- http://secunia.com/advisories/17802
- http://secunia.com/advisories/17844
- http://secunia.com/advisories/17762
- http://www.openpkg.org/security/OpenPKG-SA-2005.025-perl.html
- http://www.gentoo.org/security/en/glsa/glsa-200512-01.xml
- http://www.trustix.org/errata/2005/0070
- http://secunia.com/advisories/17941
- http://secunia.com/advisories/17952
- http://www.redhat.com/support/errata/RHSA-2005-880.html
- http://www.novell.com/linux/security/advisories/2005_71_perl.html
- http://secunia.com/advisories/18183
- http://secunia.com/advisories/18187
- http://www.redhat.com/support/errata/RHSA-2005-881.html
- http://secunia.com/advisories/18075
- http://www.openbsd.org/errata37.html#perl
- http://secunia.com/advisories/18295
- ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/001_perl.patch
- http://www.osvdb.org/21345
- http://www.osvdb.org/22255
- ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
- http://secunia.com/advisories/18517
- http://secunia.com/advisories/17993
- https://www.redhat.com/archives/fedora-legacy-announce/2006-February/msg00008.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102192-1
- http://secunia.com/advisories/19041
- http://www.debian.org/security/2006/dsa-943
- http://secunia.com/advisories/18413
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056
- http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
- http://www.novell.com/linux/security/advisories/2005_29_sr.html
- http://secunia.com/advisories/20894
- http://docs.info.apple.com/article.html?artnum=304829
- http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
- http://www.us-cert.gov/cas/techalerts/TA06-333A.html
- http://secunia.com/advisories/23155
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:225
- http://www.ipcop.org/index.php?name=News&file=article&sid=41
- http://secunia.com/advisories/31208
- http://www.vupen.com/english/advisories/2006/2613
- http://www.vupen.com/english/advisories/2006/0771
- http://www.vupen.com/english/advisories/2006/4750
- ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch
- http://www.vupen.com/english/advisories/2005/2688
- http://marc.info/?l=full-disclosure&m=113342788118630&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1074
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10598
- https://usn.ubuntu.com/222-1/
- http://www.securityfocus.com/archive/1/438726/100/0/threaded
- http://www.securityfocus.com/archive/1/418333/100/0/threaded
Reported: 2005-12-01
CVE-2007-5116
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
- https://bugzilla.redhat.com/show_bug.cgi?id=323571
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:207
- http://www.redhat.com/support/errata/RHSA-2007-0966.html
- http://www.redhat.com/support/errata/RHSA-2007-1011.html
- http://www.securityfocus.com/bid/26350
- http://secunia.com/advisories/27531
- http://secunia.com/advisories/27546
- https://bugzilla.redhat.com/show_bug.cgi?id=378131
- https://issues.rpath.com/browse/RPL-1813
- http://www.debian.org/security/2007/dsa-1400
- http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml
- http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html
- http://www.novell.com/linux/security/advisories/2007_24_sr.html
- http://www.ubuntu.com/usn/usn-552-1
- http://securitytracker.com/id?1018899
- http://secunia.com/advisories/27479
- http://secunia.com/advisories/27515
- http://secunia.com/advisories/27548
- http://secunia.com/advisories/27613
- http://secunia.com/advisories/27570
- http://secunia.com/advisories/27936
- http://docs.info.apple.com/article.html?artnum=307179
- ftp://aix.software.ibm.com/aix/efixes/security/README
- http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220
- http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244
- http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
- http://www.us-cert.gov/cas/techalerts/TA07-352A.html
- http://secunia.com/advisories/28167
- http://lists.vmware.com/pipermail/security-announce/2008/000002.html
- http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm
- http://secunia.com/advisories/28368
- http://secunia.com/advisories/28387
- http://secunia.com/advisories/27756
- http://www.vmware.com/security/advisories/VMSA-2008-0001.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1
- http://secunia.com/advisories/28993
- http://secunia.com/advisories/29074
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1
- http://secunia.com/advisories/31208
- http://www.ipcop.org/index.php?name=News&file=article&sid=41
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1
- http://www.vupen.com/english/advisories/2007/4238
- http://www.vupen.com/english/advisories/2008/0064
- http://www.vupen.com/english/advisories/2008/0641
- http://www.vupen.com/english/advisories/2007/3724
- http://www.vupen.com/english/advisories/2007/4255
- http://marc.info/?l=bugtraq&m=120352263023774&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38270
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669
- http://www.securityfocus.com/archive/1/486859/100/0/threaded
- http://www.securityfocus.com/archive/1/485936/100/0/threaded
- http://www.securityfocus.com/archive/1/483584/100/0/threaded
- http://www.securityfocus.com/archive/1/483563/100/0/threaded
Reported: 2007-11-07
CVE-2012-5195
Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.
- http://perl5.git.perl.org/perl.git/commit/2709980d5a193ce6f3a16f0d19879a6560dcde44
- http://www.nntp.perl.org/group/perl.perl5.porters/2012/10/msg193886.html
- http://www.securityfocus.com/bid/56287
- http://www.openwall.com/lists/oss-security/2012/10/27/1
- http://secunia.com/advisories/51457
- http://www.openwall.com/lists/oss-security/2012/10/26/2
- http://www.ubuntu.com/usn/USN-1643-1
- http://www.debian.org/security/2012/dsa-2586
- http://rhn.redhat.com/errata/RHSA-2013-0685.html
- http://secunia.com/advisories/55314
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:113
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0352
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
Fixed version: >=5.16.0
Reported: 2012-12-18
CVE-2013-7422
Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regular expression.
- http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
- https://support.apple.com/kb/HT205031
- http://perl5.git.perl.org/perl.git/commit/0c2990d652e985784f095bba4bc356481a66aa06
- http://www.securityfocus.com/bid/75704
- http://www.ubuntu.com/usn/USN-2916-1
- https://security.gentoo.org/glsa/201507-11
Reported: 2015-08-16
CVE-2015-8608
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.
- https://rt.perl.org/Public/Bug/Display.html?id=126755
- https://packetstormsecurity.com/files/136649/Perl-5.22-VDir-MapPathA-W-Out-Of-Bounds-Reads-Buffer-Over-Reads.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- https://www.oracle.com/security-alerts/cpujul2020.html
Fixed version: >=5.22.2
Severity: critical
Reported: 2017-02-07
CVE-2011-1487
The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.
- https://bugzilla.redhat.com/show_bug.cgi?id=692844
- http://openwall.com/lists/oss-security/2011/04/01/3
- http://openwall.com/lists/oss-security/2011/04/04/35
- https://bugzilla.redhat.com/show_bug.cgi?id=692898
- http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336
- http://secunia.com/advisories/43921
- http://www.securityfocus.com/bid/47124
- http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057971.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057891.html
- http://secunia.com/advisories/44168
- http://www.debian.org/security/2011/dsa-2265
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:091
- http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66528
Fixed version: >=5.14.0
Reported: 2011-04-11
CVE-1999-1386
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.
- http://www.redhat.com/support/errata/rh50-errata-general.html#perl
- http://www.iss.net/security_center/static/7243.php
- http://marc.info/?l=bugtraq&m=88932165406213&w=2
Reported: 1999-12-31
CVE-2023-47039
Perl for Windows relies on the system path environment variable to find the shell (cmd.exe). When running an executable which uses Windows Perl interpreter, Perl attempts to find and execute cmd.exe within the operating system. However, due to path search order issues, Perl initially looks for cmd.exe in the current working directory. An attacker with limited privileges can exploit this behavior by placing cmd.exe in locations with weak permissions, such as C:\ProgramData. By doing so, when an administrator attempts to use this executable from these compromised locations, arbitrary code can be executed.
Reported: 2023-10-30
CVE-1999-0034
Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.
- https://exchange.xforce.ibmcloud.com/vulnerabilities/448
- https://www.cpan.org/src/5.0/CA-97.17.sperl
Reported: 1997-05-29
CVE-1999-0462
suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk.
Reported: 1999-03-17
CVE-2000-0703
suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence.
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0022.html
- http://www.calderasystems.com/support/security/advisories/CSSA-2000-026.0.txt
- http://www.securityfocus.com/bid/1547
- http://www.novell.com/linux/security/advisories/suse_security_announce_59.html
- http://www.redhat.com/support/errata/RHSA-2000-048.html
- http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000017.html
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0153.html
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0086.html
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0113.html
- https://www.cpan.org/src/5.0/sperl-2000-08-05/sperl-2000-08-05.txt
Reported: 2000-10-20