1. CVE-Search
  2. CVE-2020-14393
ID CVE-2020-14393
Summary A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.
References
Vulnerable Configurations
  • cpe:2.3:a:perl:database_interface:1.601:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.601:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.602:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.602:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.603:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.603:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.604:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.604:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.605:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.605:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.606:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.606:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.607:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.607:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.608:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.608:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.609:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.609:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.611:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.611:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.611_90:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.611_90:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.611_91:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.611_91:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.611_92:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.611_92:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.611_93:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.611_93:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.611_94:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.611_94:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.612:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.612:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.613:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.613:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.613_70:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.613_70:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.613_71:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.613_71:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.613_90:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.613_90:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.613_91:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.613_91:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.613_92:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.613_92:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.613_93:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.613_93:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.614:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.614:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.614_90:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.614_90:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.615:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.615:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.616:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.616:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.617:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.617:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.618:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.618:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.619:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.619:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.620:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.620:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.621:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.621:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.622:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.622:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.623:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.623:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.624:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.624:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.625:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.625:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.626:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.626:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.627:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.627:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.628:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.628:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.630:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.630:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.631:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.631:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.632:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.632:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.632_90:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.632_90:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.633:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.633:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.633_90:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.633_90:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.633_91:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.633_91:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.633_92:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.633_92:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.634:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.634:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.635:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.635:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.636:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.636:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.637:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.637:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.638:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.638:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.639:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.639:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.640:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.640:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.641:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.641:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:database_interface:1.642:*:*:*:*:*:*:*
    cpe:2.3:a:perl:database_interface:1.642:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
CVSS
Base: 3.6 (as of 06-12-2022 - 21:30)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:P/A:P
refmap via4
fedora FEDORA-2020-f30298614a
misc
mlist [debian-lts-announce] 20200928 [SECURITY] [DLA 2386-1] libdbi-perl security update
suse
  • openSUSE-SU-2020:1483
  • openSUSE-SU-2020:1502
Last major update 06-12-2022 - 21:30
Published 16-09-2020 - 14:15
Last modified 06-12-2022 - 21:30
Back to Top