Summary
The host has Active Perl installed and is prone to a heap-based buffer overflow vulnerability.
Impact
Successful exploitation will allow attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.
Impact Level: System/Application
Solution
Upgrade to Active Perl 5.12.5, 5.14.3, 15.15.5 or later. For updates, refer to http://www.perl.org/get.html
Insight
The Perl_repeatcpy() function in util.c fails to properly sanitize user-supplied input while handling the string repeat operator.
Affected
Active Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3 and 5.15.x before 15.15.5 on Windows
References
Severity
Classification
CVE: CVE-2012-5195
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P