CVE-2011-0761
MEDIUM severity · CVSS 5
5CVSS MEDIUM
Summary
Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) readdir, (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir function call.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges required—
User interaction—
Confidentiality impactNone
Integrity impactNone
Availability impact—
Exploit probability (EPSS)9%
AV:N/AC:L/Au:N/C:N/I:N/A:P
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://securityreason.com/securityalert/8248
- http://www.securityfocus.com/archive/1/517916/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67355
- http://securitytracker.com/id?1025507Exploit
- http://www.securityfocus.com/bid/47766Exploit
- http://www.toucan-system.com/advisories/tssa-2011-03.txtExploit