Description

Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier.

Remediation

References

CVE-2017-12837

Related Vulnerabilities

Moodle Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2012-1160)

Cherokee Out-of-bounds Write Vulnerability (CVE-2019-20800)

WordPress Plugin Scriptless Social Sharing Cross-Site Scripting (3.2.1)

WordPress Plugin Mailing List 'wpabspath' Parameter Remote File Include (1.3.3)

Mailman Other Vulnerability (CVE-2004-0182)

Severity

High

Classification

CVE-2017-12837 CWE-119 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities