Wind River Support Network

HomeDefectsLIN6-6776
Fixed

LIN6-6776 : Security Advisory - perl - CVE-2010-4777

Created: Feb 16, 2014    Updated: Dec 3, 2018
Resolved Date: Apr 23, 2014
Previous ID: LIN3-35684
Found In Version: 6.0.0.6
Fix Version: 6.0.0.6
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4777

Other Downloads

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube