Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2007-AVI-481
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité de Perl peut être exploitée par une personne malintentionnée distante pour effectuer un déni de service ou exécuter du code arbitraire.
Description
Une vulnérabilité de type débordement de mémoire a été identifiée dans Perl, plus précisément dans le traitement d'expressions régulières en Unicode. Ceci peut être exploité par une personne malintentionnée distante pour effectuer un déni de service voire exécuter du code arbitraire via une expression régulière spécialement construite.
Solution
La version de développement 5.9.5 corrige le problème. Se référer aux bulletins de sécurité des éditeurs pour l'obtention des correctifs (cf. section Documentation).
Perl 5.x versions antérieures à 5.9.5.
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003ePerl 5.x versions ant\u00e9rieures \u00e0 5.9.5.\u003c/P\u003e",
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire a \u00e9t\u00e9 identifi\u00e9e dans\nPerl, plus pr\u00e9cis\u00e9ment dans le traitement d\u0027expressions r\u00e9guli\u00e8res en\nUnicode. Ceci peut \u00eatre exploit\u00e9 par une personne malintentionn\u00e9e\ndistante pour effectuer un d\u00e9ni de service voire ex\u00e9cuter du code\narbitraire via une expression r\u00e9guli\u00e8re sp\u00e9cialement construite.\n\n## Solution\n\nLa version de d\u00e9veloppement 5.9.5 corrige le probl\u00e8me. Se r\u00e9f\u00e9rer aux\nbulletins de s\u00e9curit\u00e9 des \u00e9diteurs pour l\u0027obtention des correctifs (cf.\nsection Documentation).\n",
"cves": [
{
"name": "CVE-2007-5116",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 de SUN du 21 f\u00e9vrier 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 rPath 2007-0232-1 du 06 novembre 2007 :",
"url": "http://lists.rpath.com/pipermail/security-announce/2007-November/000274.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 pour HP Tru64 Unix version 5.1B-3 du 21 f\u00e9vrier 2008 :",
"url": "http://www.itrc.hp.com/service/patch/...hid=T64KIT1001399-V51BB26-ES-20071207"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2007:0966 du 05 novembre 2007 :",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0966.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:207 du 05 novembre 2007 :",
"url": "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:207"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1400-1 du 06 novembre 2007 :",
"url": "http://www.debian.org/security/dsa-1400"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 pour HP Tru64 Unix version 5.1B-4 du 21 f\u00e9vrier 2008 :",
"url": "http://www.itrc.hp.com/service/patch/...I.do?patchid=perl_V51BB27-ES-20080207"
}
],
"reference": "CERTA-2007-AVI-481",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-11-07T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 de Perl peut \u00eatre exploit\u00e9e par une personne\nmalintentionn\u00e9e distante pour effectuer un d\u00e9ni de service ou ex\u00e9cuter\ndu code arbitraire.\n",
"title": "Vuln\u00e9rabilit\u00e9 de Perl",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:207 du 05 novembre 2007",
"url": null
}
]
}
CVE-2007-5116 (GCVE-0-2007-5116)
Vulnerability from cvelistv5 – Published: 2007-11-07 20:00 – Updated: 2024-08-07 15:17
VLAI?
EPSS
Summary
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27479"
},
{
"name": "DSA-1400",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1400"
},
{
"name": "HPSBTU02311",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
},
{
"name": "SSRT080001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
},
{
"name": "ADV-2007-4238",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4238"
},
{
"name": "TA07-352A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
},
{
"name": "IZ10244",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
},
{
"name": "27936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27936"
},
{
"name": "20071110 FLEA-2007-0063-1 perl",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
},
{
"name": "28993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28993"
},
{
"name": "IZ10220",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1813"
},
{
"name": "31524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
},
{
"name": "USN-552-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-552-1"
},
{
"name": "oval:org.mitre.oval:def:10669",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
},
{
"name": "1018899",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018899"
},
{
"name": "ADV-2008-0641",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0641"
},
{
"name": "27756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27756"
},
{
"name": "RHSA-2007:0966",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
},
{
"name": "29074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29074"
},
{
"name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
},
{
"name": "27548",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27548"
},
{
"name": "RHSA-2007:1011",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
},
{
"name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
},
{
"name": "27546",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27546"
},
{
"name": "GLSA-200711-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
},
{
"name": "ADV-2007-3724",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3724"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
},
{
"name": "OpenPKG-SA-2007.023",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
},
{
"name": "231524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
},
{
"name": "27531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27531"
},
{
"name": "APPLE-SA-2007-12-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
},
{
"name": "27515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27515"
},
{
"name": "27570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27570"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=307179"
},
{
"name": "27613",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27613"
},
{
"name": "28368",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28368"
},
{
"name": "SUSE-SR:2007:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name": "1018985",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
},
{
"name": "MDKSA-2007:207",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
},
{
"name": "ADV-2007-4255",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4255"
},
{
"name": "20071112 FLEA-2007-0069-1 perl",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
},
{
"name": "perl-unicode-bo(38270)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "31208",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31208"
},
{
"name": "28387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28387"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
},
{
"name": "ADV-2008-0064",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0064"
},
{
"name": "28167",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28167"
},
{
"name": "26350",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26350"
},
{
"name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27479"
},
{
"name": "DSA-1400",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1400"
},
{
"name": "HPSBTU02311",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
},
{
"name": "SSRT080001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
},
{
"name": "ADV-2007-4238",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4238"
},
{
"name": "TA07-352A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
},
{
"name": "IZ10244",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
},
{
"name": "27936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27936"
},
{
"name": "20071110 FLEA-2007-0063-1 perl",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
},
{
"name": "28993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28993"
},
{
"name": "IZ10220",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1813"
},
{
"name": "31524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
},
{
"name": "USN-552-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-552-1"
},
{
"name": "oval:org.mitre.oval:def:10669",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
},
{
"name": "1018899",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018899"
},
{
"name": "ADV-2008-0641",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0641"
},
{
"name": "27756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27756"
},
{
"name": "RHSA-2007:0966",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
},
{
"name": "29074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29074"
},
{
"name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
},
{
"name": "27548",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27548"
},
{
"name": "RHSA-2007:1011",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
},
{
"name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
},
{
"name": "27546",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27546"
},
{
"name": "GLSA-200711-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
},
{
"name": "ADV-2007-3724",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3724"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
},
{
"name": "OpenPKG-SA-2007.023",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
},
{
"name": "231524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
},
{
"name": "27531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27531"
},
{
"name": "APPLE-SA-2007-12-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
},
{
"name": "27515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27515"
},
{
"name": "27570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27570"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=307179"
},
{
"name": "27613",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27613"
},
{
"name": "28368",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28368"
},
{
"name": "SUSE-SR:2007:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name": "1018985",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
},
{
"name": "MDKSA-2007:207",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
},
{
"name": "ADV-2007-4255",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4255"
},
{
"name": "20071112 FLEA-2007-0069-1 perl",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
},
{
"name": "perl-unicode-bo(38270)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "31208",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31208"
},
{
"name": "28387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28387"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
},
{
"name": "ADV-2008-0064",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0064"
},
{
"name": "28167",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28167"
},
{
"name": "26350",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26350"
},
{
"name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5116",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27479"
},
{
"name": "DSA-1400",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1400"
},
{
"name": "HPSBTU02311",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
},
{
"name": "SSRT080001",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
},
{
"name": "ADV-2007-4238",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4238"
},
{
"name": "TA07-352A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
},
{
"name": "IZ10244",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
},
{
"name": "27936",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27936"
},
{
"name": "20071110 FLEA-2007-0063-1 perl",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
},
{
"name": "28993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28993"
},
{
"name": "IZ10220",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
},
{
"name": "https://issues.rpath.com/browse/RPL-1813",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1813"
},
{
"name": "31524",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
},
{
"name": "USN-552-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-552-1"
},
{
"name": "oval:org.mitre.oval:def:10669",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
},
{
"name": "1018899",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018899"
},
{
"name": "ADV-2008-0641",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0641"
},
{
"name": "27756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27756"
},
{
"name": "RHSA-2007:0966",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
},
{
"name": "29074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29074"
},
{
"name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
},
{
"name": "27548",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27548"
},
{
"name": "RHSA-2007:1011",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
},
{
"name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=323571",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
},
{
"name": "27546",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27546"
},
{
"name": "GLSA-200711-28",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
},
{
"name": "ADV-2007-3724",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3724"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
},
{
"name": "OpenPKG-SA-2007.023",
"refsource": "OPENPKG",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=378131",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
},
{
"name": "231524",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
},
{
"name": "27531",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27531"
},
{
"name": "APPLE-SA-2007-12-17",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
},
{
"name": "27515",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27515"
},
{
"name": "27570",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27570"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307179",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307179"
},
{
"name": "27613",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27613"
},
{
"name": "28368",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28368"
},
{
"name": "SUSE-SR:2007:024",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name": "1018985",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
},
{
"name": "MDKSA-2007:207",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
},
{
"name": "ADV-2007-4255",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4255"
},
{
"name": "20071112 FLEA-2007-0069-1 perl",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
},
{
"name": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41",
"refsource": "CONFIRM",
"url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
},
{
"name": "perl-unicode-bo(38270)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
},
{
"name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "31208",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31208"
},
{
"name": "28387",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28387"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
},
{
"name": "ADV-2008-0064",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0064"
},
{
"name": "28167",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28167"
},
{
"name": "26350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26350"
},
{
"name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5116",
"datePublished": "2007-11-07T20:00:00",
"dateReserved": "2007-09-27T00:00:00",
"dateUpdated": "2024-08-07T15:17:28.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…