Lucene search

MitreCVE-2008-1927

HistoryApr 24, 2008 - 5:05 a.m.

CVE-2008-1927

2008-04-2405:05:00

CWE-399

mitre

web.nvd.nist.gov

cve-2008-1927

perl 5.8.8

double free vulnerability

denial of service

memory corruption

crash

utf8 characters

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.3

Confidence

High

EPSS

0.014

Percentile

86.2%

JSON

Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.

Affected configurations

Nvd

Node

perlperlMatch5.8.8

VendorProductVersionCPE
perlperl5.8.8cpe:/a:perl:perl:5.8.8:::

Vendor	Product	Version	CPE
perl	perl	5.8.8	cpe:/a:perl:perl:5.8.8:::

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792

lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

osvdb.org/44588

rt.perl.org/rt3/Public/Bug/Display.html?id=48156

secunia.com/advisories/29948

secunia.com/advisories/30025

secunia.com/advisories/30326

secunia.com/advisories/30624

secunia.com/advisories/31208

secunia.com/advisories/31328

secunia.com/advisories/31467

secunia.com/advisories/31604

secunia.com/advisories/31687

secunia.com/advisories/33314

secunia.com/advisories/33937

support.apple.com/kb/HT3438

support.avaya.com/elmodocs2/security/ASA-2008-317.htm

support.avaya.com/elmodocs2/security/ASA-2008-361.htm

wiki.rpath.com/Advisories:rPSA-2009-0011

www.debian.org/security/2008/dsa-1556

www.gentoo.org/security/en/glsa/glsa-200805-17.xml

www.ipcop.org/index.php?name=News&file=article&sid=41

www.mandriva.com/security/advisories?name=MDVSA-2008:100

www.redhat.com/support/errata/RHSA-2008-0522.html

www.redhat.com/support/errata/RHSA-2008-0532.html

www.securityfocus.com/archive/1/500210/100/0/threaded

www.securityfocus.com/bid/28928

www.securitytracker.com/id?1020253

www.ubuntu.com/usn/usn-700-1

www.ubuntu.com/usn/usn-700-2

www.vmware.com/security/advisories/VMSA-2008-0013.html

www.vupen.com/english/advisories/2008/2265/references

www.vupen.com/english/advisories/2008/2361

www.vupen.com/english/advisories/2008/2424

www.vupen.com/english/advisories/2009/0422

exchange.xforce.ibmcloud.com/vulnerabilities/41996

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10579

www.redhat.com/archives/fedora-package-announce/2008-April/msg00601.html

www.redhat.com/archives/fedora-package-announce/2008-April/msg00607.html

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.3

Confidence

High

EPSS

0.014

Percentile

86.2%

JSON

Related for CVE-2008-1927