Vulnerability-Lookup

CVE-2007-5116 (GCVE-0-2007-5116)

Vulnerability from cvelistv5 – Published: 2007-11-07 20:00 – Updated: 2024-08-07 15:17

Summary

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

54 references

URL	Tags
http://secunia.com/advisories/27479	third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2007/dsa-1400	vendor-advisoryx_refsource_DEBIAN
http://marc.info/?l=bugtraq&m=120352263023774&w=2	vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=120352263023774&w=2	vendor-advisoryx_refsource_HP
http://www.vupen.com/english/advisories/2007/4238	vdb-entryx_refsource_VUPEN
http://www.us-cert.gov/cas/techalerts/TA07-352A.html	third-party-advisoryx_refsource_CERT
http://www-1.ibm.com/support/docview.wss?uid=isg1…	vendor-advisoryx_refsource_AIXAPAR
http://secunia.com/advisories/27936	third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/483563/100…	mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/28993	third-party-advisoryx_refsource_SECUNIA
http://www-1.ibm.com/support/docview.wss?uid=isg1…	vendor-advisoryx_refsource_AIXAPAR
https://issues.rpath.com/browse/RPL-1813	x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
http://www.ubuntu.com/usn/usn-552-1	vendor-advisoryx_refsource_UBUNTU
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://securitytracker.com/id?1018899	vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2008/0641	vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/27756	third-party-advisoryx_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-09…	vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/29074	third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/485936/100…	mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/27548	third-party-advisoryx_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-10…	vendor-advisoryx_refsource_REDHAT
http://lists.vmware.com/pipermail/security-announ…	mailing-listx_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=323571	x_refsource_MISC
http://secunia.com/advisories/27546	third-party-advisoryx_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-20071…	vendor-advisoryx_refsource_GENTOO
http://www.vupen.com/english/advisories/2007/3724	vdb-entryx_refsource_VUPEN
http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM
http://www.openpkg.com/security/advisories/OpenPK…	vendor-advisoryx_refsource_OPENPKG
https://bugzilla.redhat.com/show_bug.cgi?id=378131	x_refsource_MISC
http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
http://secunia.com/advisories/27531	third-party-advisoryx_refsource_SECUNIA
http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
http://secunia.com/advisories/27515	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27570	third-party-advisoryx_refsource_SECUNIA
http://docs.info.apple.com/article.html?artnum=307179	x_refsource_CONFIRM
http://secunia.com/advisories/27613	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28368	third-party-advisoryx_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2007/4255	vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/archive/1/483584/100…	mailing-listx_refsource_BUGTRAQ
http://www.ipcop.org/index.php?name=News&file=art…	x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
ftp://aix.software.ibm.com/aix/efixes/security/README	x_refsource_CONFIRM
http://secunia.com/advisories/31208	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28387	third-party-advisoryx_refsource_SECUNIA
http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/0064	vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/28167	third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/26350	vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/486859/100…	mailing-listx_refsource_BUGTRAQ

Date Public ?

2007-11-05 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:17:28.328Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27479"
          },
          {
            "name": "DSA-1400",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1400"
          },
          {
            "name": "HPSBTU02311",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
          },
          {
            "name": "SSRT080001",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
          },
          {
            "name": "ADV-2007-4238",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "TA07-352A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "IZ10244",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
          },
          {
            "name": "27936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27936"
          },
          {
            "name": "20071110 FLEA-2007-0063-1 perl",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
          },
          {
            "name": "28993",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28993"
          },
          {
            "name": "IZ10220",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1813"
          },
          {
            "name": "31524",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
          },
          {
            "name": "USN-552-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-552-1"
          },
          {
            "name": "oval:org.mitre.oval:def:10669",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
          },
          {
            "name": "1018899",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018899"
          },
          {
            "name": "ADV-2008-0641",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0641"
          },
          {
            "name": "27756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27756"
          },
          {
            "name": "RHSA-2007:0966",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
          },
          {
            "name": "29074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29074"
          },
          {
            "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
          },
          {
            "name": "27548",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27548"
          },
          {
            "name": "RHSA-2007:1011",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
          },
          {
            "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
          },
          {
            "name": "27546",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27546"
          },
          {
            "name": "GLSA-200711-28",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
          },
          {
            "name": "ADV-2007-3724",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3724"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
          },
          {
            "name": "OpenPKG-SA-2007.023",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENPKG",
              "x_transferred"
            ],
            "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
          },
          {
            "name": "231524",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
          },
          {
            "name": "27531",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27531"
          },
          {
            "name": "APPLE-SA-2007-12-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "name": "27515",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27515"
          },
          {
            "name": "27570",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27570"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "27613",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27613"
          },
          {
            "name": "28368",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28368"
          },
          {
            "name": "SUSE-SR:2007:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
          },
          {
            "name": "1018985",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
          },
          {
            "name": "MDKSA-2007:207",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
          },
          {
            "name": "ADV-2007-4255",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4255"
          },
          {
            "name": "20071112 FLEA-2007-0069-1 perl",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
          },
          {
            "name": "perl-unicode-bo(38270)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
          },
          {
            "name": "31208",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31208"
          },
          {
            "name": "28387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28387"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
          },
          {
            "name": "ADV-2008-0064",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0064"
          },
          {
            "name": "28167",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28167"
          },
          {
            "name": "26350",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26350"
          },
          {
            "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "27479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27479"
        },
        {
          "name": "DSA-1400",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1400"
        },
        {
          "name": "HPSBTU02311",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
        },
        {
          "name": "SSRT080001",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
        },
        {
          "name": "ADV-2007-4238",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4238"
        },
        {
          "name": "TA07-352A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
        },
        {
          "name": "IZ10244",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
        },
        {
          "name": "27936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27936"
        },
        {
          "name": "20071110 FLEA-2007-0063-1 perl",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
        },
        {
          "name": "28993",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28993"
        },
        {
          "name": "IZ10220",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1813"
        },
        {
          "name": "31524",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
        },
        {
          "name": "USN-552-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-552-1"
        },
        {
          "name": "oval:org.mitre.oval:def:10669",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
        },
        {
          "name": "1018899",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018899"
        },
        {
          "name": "ADV-2008-0641",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0641"
        },
        {
          "name": "27756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27756"
        },
        {
          "name": "RHSA-2007:0966",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
        },
        {
          "name": "29074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29074"
        },
        {
          "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
        },
        {
          "name": "27548",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27548"
        },
        {
          "name": "RHSA-2007:1011",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
        },
        {
          "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
        },
        {
          "name": "27546",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27546"
        },
        {
          "name": "GLSA-200711-28",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
        },
        {
          "name": "ADV-2007-3724",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3724"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
        },
        {
          "name": "OpenPKG-SA-2007.023",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENPKG"
          ],
          "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
        },
        {
          "name": "231524",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
        },
        {
          "name": "27531",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27531"
        },
        {
          "name": "APPLE-SA-2007-12-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
        },
        {
          "name": "27515",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27515"
        },
        {
          "name": "27570",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27570"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307179"
        },
        {
          "name": "27613",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27613"
        },
        {
          "name": "28368",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28368"
        },
        {
          "name": "SUSE-SR:2007:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
        },
        {
          "name": "1018985",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
        },
        {
          "name": "MDKSA-2007:207",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
        },
        {
          "name": "ADV-2007-4255",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4255"
        },
        {
          "name": "20071112 FLEA-2007-0069-1 perl",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
        },
        {
          "name": "perl-unicode-bo(38270)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
        },
        {
          "name": "31208",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31208"
        },
        {
          "name": "28387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28387"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
        },
        {
          "name": "ADV-2008-0064",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0064"
        },
        {
          "name": "28167",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28167"
        },
        {
          "name": "26350",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26350"
        },
        {
          "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5116",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "27479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27479"
            },
            {
              "name": "DSA-1400",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1400"
            },
            {
              "name": "HPSBTU02311",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
            },
            {
              "name": "SSRT080001",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
            },
            {
              "name": "ADV-2007-4238",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4238"
            },
            {
              "name": "TA07-352A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
            },
            {
              "name": "IZ10244",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
            },
            {
              "name": "27936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27936"
            },
            {
              "name": "20071110 FLEA-2007-0063-1 perl",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
            },
            {
              "name": "28993",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28993"
            },
            {
              "name": "IZ10220",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1813",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1813"
            },
            {
              "name": "31524",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
            },
            {
              "name": "USN-552-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-552-1"
            },
            {
              "name": "oval:org.mitre.oval:def:10669",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
            },
            {
              "name": "1018899",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018899"
            },
            {
              "name": "ADV-2008-0641",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0641"
            },
            {
              "name": "27756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27756"
            },
            {
              "name": "RHSA-2007:0966",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
            },
            {
              "name": "29074",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29074"
            },
            {
              "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
            },
            {
              "name": "27548",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27548"
            },
            {
              "name": "RHSA-2007:1011",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
            },
            {
              "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=323571",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
            },
            {
              "name": "27546",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27546"
            },
            {
              "name": "GLSA-200711-28",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
            },
            {
              "name": "ADV-2007-3724",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3724"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
            },
            {
              "name": "OpenPKG-SA-2007.023",
              "refsource": "OPENPKG",
              "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=378131",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
            },
            {
              "name": "231524",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
            },
            {
              "name": "27531",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27531"
            },
            {
              "name": "APPLE-SA-2007-12-17",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
            },
            {
              "name": "27515",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27515"
            },
            {
              "name": "27570",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27570"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307179",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=307179"
            },
            {
              "name": "27613",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27613"
            },
            {
              "name": "28368",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28368"
            },
            {
              "name": "SUSE-SR:2007:024",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
            },
            {
              "name": "1018985",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
            },
            {
              "name": "MDKSA-2007:207",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
            },
            {
              "name": "ADV-2007-4255",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4255"
            },
            {
              "name": "20071112 FLEA-2007-0069-1 perl",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
            },
            {
              "name": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41",
              "refsource": "CONFIRM",
              "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
            },
            {
              "name": "perl-unicode-bo(38270)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
            },
            {
              "name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
              "refsource": "CONFIRM",
              "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
            },
            {
              "name": "31208",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31208"
            },
            {
              "name": "28387",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28387"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
            },
            {
              "name": "ADV-2008-0064",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0064"
            },
            {
              "name": "28167",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28167"
            },
            {
              "name": "26350",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26350"
            },
            {
              "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5116",
    "datePublished": "2007-11-07T20:00:00.000Z",
    "dateReserved": "2007-09-27T00:00:00.000Z",
    "dateUpdated": "2024-08-07T15:17:28.328Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2007-5116",
      "date": "2026-05-21",
      "epss": "0.08802",
      "percentile": "0.92619"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F92AB32-E7DE-43F4-B877-1F41FA162EC7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*\", \"matchCriteriaId\": \"F5114DA3-FBB9-47C4-857B-3212404DAD4E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*\", \"matchCriteriaId\": \"4D5F5A52-285E-4E7E-83B8-508079DBCEAE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*\", \"matchCriteriaId\": \"674BE2D9-009B-46C5-A071-CB10368B8D48\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*\", \"matchCriteriaId\": \"703486E5-906B-4BDB-A046-28D4D73E3F03\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*\", \"matchCriteriaId\": \"ABB5AC0D-2358-4C8E-99B5-2CE0A678F549\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*\", \"matchCriteriaId\": \"38B37184-BA88-44F1-AC9E-8B60C2419111\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*\", \"matchCriteriaId\": \"0D8C9247-3E18-4DD9-AF5B-B2996C76443F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*\", \"matchCriteriaId\": \"0EEA2CDD-7FCD-461E-90FC-CDB3C3992A32\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*\", \"matchCriteriaId\": \"D7B877A8-5318-402E-8AE1-753E7419060F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*\", \"matchCriteriaId\": \"A3938420-087D-4D92-A2F8-EAE54D9837EC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:s390:*:*:*:*:*\", \"matchCriteriaId\": \"4567FE5A-5061-4741-AA6D-4AB365579F8D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"10F42CF8-FB98-4AFC-96C5-FD7D442B0FA3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02362C25-B373-4FB1-AF4A-2AFC7F7D4387\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*\", \"matchCriteriaId\": \"19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19D64247-F0A0-4984-84EA-B63FC901F002\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*\", \"matchCriteriaId\": \"316AA6EB-7191-479E-99D5-40DA79E340E7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB7AD2F3-451D-4F37-A6F3-DE676804BBA3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*\", \"matchCriteriaId\": \"5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BB0B27C-04EA-426F-9016-7406BACD91DF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*\", \"matchCriteriaId\": \"BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"94F65351-C2DA-41C0-A3F9-1AE951E4386E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*\", \"matchCriteriaId\": \"1B795F9F-AFB3-4A2A-ABC6-9246906800DE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*\", \"matchCriteriaId\": \"327FEE54-79EC-4B5E-B838-F3C61FCDF48E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*\", \"matchCriteriaId\": \"056C1C15-D110-4309-A9A6-41BD753FE4F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*\", \"matchCriteriaId\": \"08392974-5AC1-4B12-893F-3F733EF05F80\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*\", \"matchCriteriaId\": \"49EF5B77-9BC9-4AE8-A677-48E5E576BE63\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*\", \"matchCriteriaId\": \"36389D32-61C1-4487-8399-FA7D2864FACD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*\", \"matchCriteriaId\": \"49B67F74-AF8F-4A27-AA8A-A8479E256A9F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*\", \"matchCriteriaId\": \"3AA8F2EC-55E9-4529-A816-B5D495605F6B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*\", \"matchCriteriaId\": \"40D71CBC-D365-4710-BAB5-8A1159F35E41\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF3BBBC3-3EF9-4E24-9DE2-627E172A5473\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D74A418-50F0-42C0-ABBC-BBBE718FF025\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*\", \"matchCriteriaId\": \"84A50ED3-FD0D-4038-B3E7-CC65D166C968\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*\", \"matchCriteriaId\": \"777F9EC0-2919-45CA-BFF8-78A02537C513\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DD12BC0-1E50-49C6-AD0D-8CE90F0E8449\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D30E072-9E6A-49B4-A5C7-63A328598A68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:larry_wall:perl:5.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"434F0580-985F-42AF-BA10-FAB7E2C23ED0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:larry_wall:perl:5.8.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18B179E0-C843-46C9-AAD2-78E998175E41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:larry_wall:perl:5.8.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD5E5A51-ED4C-4927-8C4D-502E79391E19\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:larry_wall:perl:5.8.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"171C82CB-2E92-4D41-B1B1-DCFE929E8270\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:larry_wall:perl:5.8.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25633253-D9DE-41F0-A787-D0E8B2B3B9F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:larry_wall:perl:5.8.4.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AEDF9611-E4E2-4059-B45E-D3A61AC9DB47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:larry_wall:perl:5.8.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49A9D197-D889-4BE4-BE7A-2EE9536A7498\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:larry_wall:perl:5.8.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0A4538C-3870-431E-A225-D8523D77A4E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:larry_wall:perl:5.8.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8233B3A-E09D-425B-B1A1-65CD170FD384\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:larry_wall:perl:5.8.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E35450A-07C3-40B9-88FA-3ACCA498F019\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77FF1412-A7DA-4669-8AE1-5A529AB387FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D342447B-5233-45FD-B1CF-8D84921402AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:1.0:*:application_stack:*:*:*:*:*\", \"matchCriteriaId\": \"BCCA408D-B65C-45F3-80E8-3B8D4ACE047C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer en el soporte opcode polim\\u00f3rfico del Motor de Expresiones Regulares (regcomp.c) en Perl 5.8 permite a atacantes dependientes de contexto ejecutar c\\u00f3digo de su elecci\\u00f3n cambiando de byte a caracteres Unicode (UTF) en una expresi\\u00f3n regular.\"}]",
      "id": "CVE-2007-5116",
      "lastModified": "2024-11-21T00:37:09.763",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": true, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-11-07T23:46:00.000",
      "references": "[{\"url\": \"ftp://aix.software.ibm.com/aix/efixes/security/README\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://docs.info.apple.com/article.html?artnum=307179\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.vmware.com/pipermail/security-announce/2008/000002.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/27479\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/27515\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/27531\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27546\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/27548\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/27570\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/27613\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/27756\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/27936\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/28167\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/28368\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/28387\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/28993\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/29074\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/31208\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1018899\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2007/dsa-1400\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:207\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.novell.com/linux/security/advisories/2007_24_sr.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2007-0966.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2007-1011.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/483563/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/483584/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/485936/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/486859/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/26350\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-552-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2008-0001.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/3724\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4238\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4255\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0064\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0641\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=323571\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=378131\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/38270\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://issues.rpath.com/browse/RPL-1813\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669\", \"source\": \"cve@mitre.org\"}, {\"url\": \"ftp://aix.software.ibm.com/aix/efixes/security/README\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://docs.info.apple.com/article.html?artnum=307179\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.vmware.com/pipermail/security-announce/2008/000002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/27479\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/27515\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/27531\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27546\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/27548\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/27570\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/27613\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/27756\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/27936\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/28167\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/28368\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/28387\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/28993\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/29074\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/31208\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1018899\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2007/dsa-1400\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:207\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.novell.com/linux/security/advisories/2007_24_sr.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2007-0966.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2007-1011.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/483563/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/483584/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/485936/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/486859/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/26350\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-552-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2008-0001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/3724\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4238\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4255\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0064\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0641\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=323571\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=378131\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/38270\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://issues.rpath.com/browse/RPL-1813\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-5116\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-11-07T23:46:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer en el soporte opcode polim\u00f3rfico del Motor de Expresiones Regulares (regcomp.c) en Perl 5.8 permite a atacantes dependientes de contexto ejecutar c\u00f3digo de su elecci\u00f3n cambiando de byte a caracteres Unicode (UTF) en una expresi\u00f3n regular.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F92AB32-E7DE-43F4-B877-1F41FA162EC7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*\",\"matchCriteriaId\":\"F5114DA3-FBB9-47C4-857B-3212404DAD4E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*\",\"matchCriteriaId\":\"4D5F5A52-285E-4E7E-83B8-508079DBCEAE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*\",\"matchCriteriaId\":\"674BE2D9-009B-46C5-A071-CB10368B8D48\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*\",\"matchCriteriaId\":\"703486E5-906B-4BDB-A046-28D4D73E3F03\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*\",\"matchCriteriaId\":\"ABB5AC0D-2358-4C8E-99B5-2CE0A678F549\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*\",\"matchCriteriaId\":\"38B37184-BA88-44F1-AC9E-8B60C2419111\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*\",\"matchCriteriaId\":\"0D8C9247-3E18-4DD9-AF5B-B2996C76443F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*\",\"matchCriteriaId\":\"0EEA2CDD-7FCD-461E-90FC-CDB3C3992A32\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*\",\"matchCriteriaId\":\"D7B877A8-5318-402E-8AE1-753E7419060F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*\",\"matchCriteriaId\":\"A3938420-087D-4D92-A2F8-EAE54D9837EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:s390:*:*:*:*:*\",\"matchCriteriaId\":\"4567FE5A-5061-4741-AA6D-4AB365579F8D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"10F42CF8-FB98-4AFC-96C5-FD7D442B0FA3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02362C25-B373-4FB1-AF4A-2AFC7F7D4387\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*\",\"matchCriteriaId\":\"19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19D64247-F0A0-4984-84EA-B63FC901F002\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*\",\"matchCriteriaId\":\"316AA6EB-7191-479E-99D5-40DA79E340E7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB7AD2F3-451D-4F37-A6F3-DE676804BBA3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*\",\"matchCriteriaId\":\"5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BB0B27C-04EA-426F-9016-7406BACD91DF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*\",\"matchCriteriaId\":\"BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94F65351-C2DA-41C0-A3F9-1AE951E4386E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*\",\"matchCriteriaId\":\"1B795F9F-AFB3-4A2A-ABC6-9246906800DE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*\",\"matchCriteriaId\":\"327FEE54-79EC-4B5E-B838-F3C61FCDF48E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*\",\"matchCriteriaId\":\"056C1C15-D110-4309-A9A6-41BD753FE4F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*\",\"matchCriteriaId\":\"08392974-5AC1-4B12-893F-3F733EF05F80\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*\",\"matchCriteriaId\":\"49EF5B77-9BC9-4AE8-A677-48E5E576BE63\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*\",\"matchCriteriaId\":\"36389D32-61C1-4487-8399-FA7D2864FACD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*\",\"matchCriteriaId\":\"49B67F74-AF8F-4A27-AA8A-A8479E256A9F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*\",\"matchCriteriaId\":\"3AA8F2EC-55E9-4529-A816-B5D495605F6B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*\",\"matchCriteriaId\":\"40D71CBC-D365-4710-BAB5-8A1159F35E41\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3BBBC3-3EF9-4E24-9DE2-627E172A5473\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D74A418-50F0-42C0-ABBC-BBBE718FF025\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*\",\"matchCriteriaId\":\"84A50ED3-FD0D-4038-B3E7-CC65D166C968\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*\",\"matchCriteriaId\":\"777F9EC0-2919-45CA-BFF8-78A02537C513\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DD12BC0-1E50-49C6-AD0D-8CE90F0E8449\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D30E072-9E6A-49B4-A5C7-63A328598A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:larry_wall:perl:5.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"434F0580-985F-42AF-BA10-FAB7E2C23ED0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:larry_wall:perl:5.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18B179E0-C843-46C9-AAD2-78E998175E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:larry_wall:perl:5.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD5E5A51-ED4C-4927-8C4D-502E79391E19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:larry_wall:perl:5.8.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"171C82CB-2E92-4D41-B1B1-DCFE929E8270\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:larry_wall:perl:5.8.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25633253-D9DE-41F0-A787-D0E8B2B3B9F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:larry_wall:perl:5.8.4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEDF9611-E4E2-4059-B45E-D3A61AC9DB47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:larry_wall:perl:5.8.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49A9D197-D889-4BE4-BE7A-2EE9536A7498\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:larry_wall:perl:5.8.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A4538C-3870-431E-A225-D8523D77A4E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:larry_wall:perl:5.8.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8233B3A-E09D-425B-B1A1-65CD170FD384\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:larry_wall:perl:5.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E35450A-07C3-40B9-88FA-3ACCA498F019\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77FF1412-A7DA-4669-8AE1-5A529AB387FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D342447B-5233-45FD-B1CF-8D84921402AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:1.0:*:application_stack:*:*:*:*:*\",\"matchCriteriaId\":\"BCCA408D-B65C-45F3-80E8-3B8D4ACE047C\"}]}]}],\"references\":[{\"url\":\"ftp://aix.software.ibm.com/aix/efixes/security/README\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307179\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.vmware.com/pipermail/security-announce/2008/000002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27479\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27515\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27531\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27546\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27548\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27570\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27613\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27756\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27936\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28167\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28368\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28387\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28993\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/29074\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/31208\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1018899\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1400\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:207\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2007_24_sr.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0966.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-1011.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/483563/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/483584/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/485936/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/486859/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/26350\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/usn-552-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3724\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4238\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4255\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0064\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0641\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=323571\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=378131\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38270\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://issues.rpath.com/browse/RPL-1813\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://aix.software.ibm.com/aix/efixes/security/README\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.vmware.com/pipermail/security-announce/2008/000002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27479\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27515\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27531\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27546\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27548\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27613\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27756\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27936\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28167\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28368\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28993\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/29074\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31208\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1018899\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1400\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:207\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2007_24_sr.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0966.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-1011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/483563/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/483584/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/485936/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/486859/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26350\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-552-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3724\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4255\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0064\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0641\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=323571\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=378131\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38270\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.rpath.com/browse/RPL-1813\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2007-AVI-481

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité de Perl peut être exploitée par une personne malintentionnée distante pour effectuer un déni de service ou exécuter du code arbitraire.

Description

Une vulnérabilité de type débordement de mémoire a été identifiée dans Perl, plus précisément dans le traitement d'expressions régulières en Unicode. Ceci peut être exploité par une personne malintentionnée distante pour effectuer un déni de service voire exécuter du code arbitraire via une expression régulière spécialement construite.

Solution

La version de développement 5.9.5 corrige le problème. Se référer aux bulletins de sécurité des éditeurs pour l'obtention des correctifs (cf. section Documentation).

Perl 5.x versions antérieures à 5.9.5.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Mandriva MDKSA-2007:207 du 05 novembre 2007	None	vendor-advisory
Bulletin de sécurité de SUN du 21 février 2008 :	-	other
Bulletin de sécurité rPath 2007-0232-1 du 06 novembre 2007 :	-	other
Bulletin de sécurité pour HP Tru64 Unix version 5.1B-3 du 21 février 2008 :	-	other
Bulletin de sécurité RedHat RHSA-2007:0966 du 05 novembre 2007 :	-	other
Bulletin de sécurité Mandriva MDKSA-2007:207 du 05 novembre 2007 :	-	other
Bulletin de sécurité Debian DSA 1400-1 du 06 novembre 2007 :	-	other
Bulletin de sécurité pour HP Tru64 Unix version 5.1B-4 du 21 février 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003ePerl 5.x versions ant\u00e9rieures \u00e0 5.9.5.\u003c/P\u003e",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire a \u00e9t\u00e9 identifi\u00e9e dans\nPerl, plus pr\u00e9cis\u00e9ment dans le traitement d\u0027expressions r\u00e9guli\u00e8res en\nUnicode. Ceci peut \u00eatre exploit\u00e9 par une personne malintentionn\u00e9e\ndistante pour effectuer un d\u00e9ni de service voire ex\u00e9cuter du code\narbitraire via une expression r\u00e9guli\u00e8re sp\u00e9cialement construite.\n\n## Solution\n\nLa version de d\u00e9veloppement 5.9.5 corrige le probl\u00e8me. Se r\u00e9f\u00e9rer aux\nbulletins de s\u00e9curit\u00e9 des \u00e9diteurs pour l\u0027obtention des correctifs (cf.\nsection Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de SUN du 21 f\u00e9vrier 2008 :",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 rPath 2007-0232-1 du 06 novembre 2007    :",
      "url": "http://lists.rpath.com/pipermail/security-announce/2007-November/000274.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 pour HP Tru64 Unix version 5.1B-3 du    21 f\u00e9vrier 2008 :",
      "url": "http://www.itrc.hp.com/service/patch/...hid=T64KIT1001399-V51BB26-ES-20071207"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2007:0966 du 05 novembre    2007 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0966.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:207 du 05 novembre    2007 :",
      "url": "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:207"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1400-1 du 06 novembre 2007    :",
      "url": "http://www.debian.org/security/dsa-1400"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 pour HP Tru64 Unix version 5.1B-4 du    21 f\u00e9vrier 2008 :",
      "url": "http://www.itrc.hp.com/service/patch/...I.do?patchid=perl_V51BB27-ES-20080207"
    }
  ],
  "reference": "CERTA-2007-AVI-481",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-11-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 de Perl peut \u00eatre exploit\u00e9e par une personne\nmalintentionn\u00e9e distante pour effectuer un d\u00e9ni de service ou ex\u00e9cuter\ndu code arbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de Perl",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:207 du 05 novembre 2007",
      "url": null
    }
  ]
}

CERTA-2007-AVI-551

Vulnerability from certfr_avis - Published: - Updated:

None

Description

De multiples vulnérabilités ont été découvertes dans les systèmes d'exploitation Apple Mac OS X. L'exploitation de ces vulnérabilités permettent à une personne malveillante d'exécuter diverses actions dont l'exécution de code arbitraire à distance, l'atteinte à l'intégrité des données, l'élévation de privilèges ou le contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Mac OS X version 10.5.1 et antérieures.
	Apple	N/A	Mac OS X version 10.4.11 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 307179 du 12 décembre 2007

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X version 10.5.1 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X version 10.4.11 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les syst\u00e8mes\nd\u0027exploitation Apple Mac OS X. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s\npermettent \u00e0 une personne malveillante d\u0027ex\u00e9cuter diverses actions dont\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance, l\u0027atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es, l\u0027\u00e9l\u00e9vation de privil\u00e8ges ou le contournement de la politique\nde s\u00e9curit\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-4710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4710"
    },
    {
      "name": "CVE-2007-1661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1661"
    },
    {
      "name": "CVE-2007-5857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5857"
    },
    {
      "name": "CVE-2007-4351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4351"
    },
    {
      "name": "CVE-2007-4768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4768"
    },
    {
      "name": "CVE-2007-1660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1660"
    },
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    },
    {
      "name": "CVE-2007-5851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5851"
    },
    {
      "name": "CVE-2007-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1659"
    },
    {
      "name": "CVE-2007-5476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5476"
    },
    {
      "name": "CVE-2007-3876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3876"
    },
    {
      "name": "CVE-2007-4708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4708"
    },
    {
      "name": "CVE-2007-5853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5853"
    },
    {
      "name": "CVE-2007-5398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5398"
    },
    {
      "name": "CVE-2007-1218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1218"
    },
    {
      "name": "CVE-2007-5848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5848"
    },
    {
      "name": "CVE-2007-5770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5770"
    },
    {
      "name": "CVE-2007-1662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1662"
    },
    {
      "name": "CVE-2007-4709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4709"
    },
    {
      "name": "CVE-2007-5863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5863"
    },
    {
      "name": "CVE-2007-3798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3798"
    },
    {
      "name": "CVE-2006-0024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
    },
    {
      "name": "CVE-2007-5849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5849"
    },
    {
      "name": "CVE-2007-5858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5858"
    },
    {
      "name": "CVE-2007-4131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4131"
    },
    {
      "name": "CVE-2007-6165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6165"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    },
    {
      "name": "CVE-2007-5855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5855"
    },
    {
      "name": "CVE-2007-5854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5854"
    },
    {
      "name": "CVE-2007-4965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4965"
    },
    {
      "name": "CVE-2007-5856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5856"
    },
    {
      "name": "CVE-2007-5850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5850"
    },
    {
      "name": "CVE-2007-5859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5859"
    },
    {
      "name": "CVE-2007-5861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5861"
    },
    {
      "name": "CVE-2007-5860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5860"
    },
    {
      "name": "CVE-2007-4767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4767"
    },
    {
      "name": "CVE-2007-4766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4766"
    },
    {
      "name": "CVE-2007-5847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5847"
    }
  ],
  "links": [],
  "reference": "CERTA-2007-AVI-551",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 307179 du 12 d\u00e9cembre 2007",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    }
  ]
}

CERTA-2008-AVI-008

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités sur VMWare ESX Server et VirtualCenter Management Server permettent notamment à une personne malintentionnée distante d'exécuter du code arbitraire.

Description

De multiples vulnérabilités existent sur VMWare ESX Server. Celles-ci concernent des modules ou logiciels utilisés par le serveur et récemment mis à jour : OpenPegasus, Tomcat, Samba, OpenSSL, JRE, util-linux, et Perl. Certaines de ces failles permettent notamment à une personne malintentionnée distante d'exécuter du code arbitraire.

Solution

Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	VirtualCenter Management Server 2.
VMware	N/A	VMWare ESX Server 2.0.x ;
VMware	N/A	VMWare ESX Server 3.0.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité VMWare VMSA-2008-0001 du 07 janvier 2008	None	vendor-advisory
Bulletin de sécurité VMWare VMSA-2008-0002 du 07 janvier 2008	None	vendor-advisory
Bulletin de sécurité VMWare VMSA-2008-0002 du 07 janvier 2008 :	-	other
Bulletin de sécurité VMWare VMSA-2008-0001 du 07 janvier 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VirtualCenter Management Server 2.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMWare ESX Server 2.0.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMWare ESX Server 3.0.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s existent sur VMWare ESX Server. Celles-ci\nconcernent des modules ou logiciels utilis\u00e9s par le serveur et r\u00e9cemment\nmis \u00e0 jour : OpenPegasus, Tomcat, Samba, OpenSSL, JRE, util-linux, et\nPerl. Certaines de ces failles permettent notamment \u00e0 une personne\nmalintentionn\u00e9e distante d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5360"
    },
    {
      "name": "CVE-2007-0450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0450"
    },
    {
      "name": "CVE-2007-5135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5135"
    },
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    },
    {
      "name": "CVE-2007-3004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3004"
    },
    {
      "name": "CVE-2005-2090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2090"
    },
    {
      "name": "CVE-2007-5398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5398"
    },
    {
      "name": "CVE-2007-3108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3108"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    },
    {
      "name": "CVE-2006-7195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7195"
    },
    {
      "name": "CVE-2007-5191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5191"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0002 du 07 janvier    2008 :",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0001 du 07 janvier    2008 :",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    }
  ],
  "reference": "CERTA-2008-AVI-008",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-01-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s sur \u003cspan class=\"textit\"\u003eVMWare ESX\nServer\u003c/span\u003e et \u003cspan class=\"textit\"\u003eVirtualCenter Management\nServer\u003c/span\u003e permettent notamment \u00e0 une personne malintentionn\u00e9e\ndistante d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0001 du 07 janvier 2008",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0002 du 07 janvier 2008",
      "url": null
    }
  ]
}

CERTA-2007-AVI-481

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité de Perl peut être exploitée par une personne malintentionnée distante pour effectuer un déni de service ou exécuter du code arbitraire.

Description

Solution

La version de développement 5.9.5 corrige le problème. Se référer aux bulletins de sécurité des éditeurs pour l'obtention des correctifs (cf. section Documentation).

Perl 5.x versions antérieures à 5.9.5.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Mandriva MDKSA-2007:207 du 05 novembre 2007	None	vendor-advisory
Bulletin de sécurité de SUN du 21 février 2008 :	-	other
Bulletin de sécurité rPath 2007-0232-1 du 06 novembre 2007 :	-	other
Bulletin de sécurité pour HP Tru64 Unix version 5.1B-3 du 21 février 2008 :	-	other
Bulletin de sécurité RedHat RHSA-2007:0966 du 05 novembre 2007 :	-	other
Bulletin de sécurité Mandriva MDKSA-2007:207 du 05 novembre 2007 :	-	other
Bulletin de sécurité Debian DSA 1400-1 du 06 novembre 2007 :	-	other
Bulletin de sécurité pour HP Tru64 Unix version 5.1B-4 du 21 février 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003ePerl 5.x versions ant\u00e9rieures \u00e0 5.9.5.\u003c/P\u003e",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire a \u00e9t\u00e9 identifi\u00e9e dans\nPerl, plus pr\u00e9cis\u00e9ment dans le traitement d\u0027expressions r\u00e9guli\u00e8res en\nUnicode. Ceci peut \u00eatre exploit\u00e9 par une personne malintentionn\u00e9e\ndistante pour effectuer un d\u00e9ni de service voire ex\u00e9cuter du code\narbitraire via une expression r\u00e9guli\u00e8re sp\u00e9cialement construite.\n\n## Solution\n\nLa version de d\u00e9veloppement 5.9.5 corrige le probl\u00e8me. Se r\u00e9f\u00e9rer aux\nbulletins de s\u00e9curit\u00e9 des \u00e9diteurs pour l\u0027obtention des correctifs (cf.\nsection Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de SUN du 21 f\u00e9vrier 2008 :",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 rPath 2007-0232-1 du 06 novembre 2007    :",
      "url": "http://lists.rpath.com/pipermail/security-announce/2007-November/000274.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 pour HP Tru64 Unix version 5.1B-3 du    21 f\u00e9vrier 2008 :",
      "url": "http://www.itrc.hp.com/service/patch/...hid=T64KIT1001399-V51BB26-ES-20071207"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2007:0966 du 05 novembre    2007 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0966.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:207 du 05 novembre    2007 :",
      "url": "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:207"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1400-1 du 06 novembre 2007    :",
      "url": "http://www.debian.org/security/dsa-1400"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 pour HP Tru64 Unix version 5.1B-4 du    21 f\u00e9vrier 2008 :",
      "url": "http://www.itrc.hp.com/service/patch/...I.do?patchid=perl_V51BB27-ES-20080207"
    }
  ],
  "reference": "CERTA-2007-AVI-481",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-11-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 de Perl peut \u00eatre exploit\u00e9e par une personne\nmalintentionn\u00e9e distante pour effectuer un d\u00e9ni de service ou ex\u00e9cuter\ndu code arbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de Perl",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:207 du 05 novembre 2007",
      "url": null
    }
  ]
}

CERTA-2007-AVI-551

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Mac OS X version 10.5.1 et antérieures.
	Apple	N/A	Mac OS X version 10.4.11 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 307179 du 12 décembre 2007

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X version 10.5.1 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X version 10.4.11 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les syst\u00e8mes\nd\u0027exploitation Apple Mac OS X. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s\npermettent \u00e0 une personne malveillante d\u0027ex\u00e9cuter diverses actions dont\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance, l\u0027atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es, l\u0027\u00e9l\u00e9vation de privil\u00e8ges ou le contournement de la politique\nde s\u00e9curit\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-4710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4710"
    },
    {
      "name": "CVE-2007-1661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1661"
    },
    {
      "name": "CVE-2007-5857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5857"
    },
    {
      "name": "CVE-2007-4351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4351"
    },
    {
      "name": "CVE-2007-4768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4768"
    },
    {
      "name": "CVE-2007-1660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1660"
    },
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    },
    {
      "name": "CVE-2007-5851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5851"
    },
    {
      "name": "CVE-2007-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1659"
    },
    {
      "name": "CVE-2007-5476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5476"
    },
    {
      "name": "CVE-2007-3876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3876"
    },
    {
      "name": "CVE-2007-4708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4708"
    },
    {
      "name": "CVE-2007-5853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5853"
    },
    {
      "name": "CVE-2007-5398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5398"
    },
    {
      "name": "CVE-2007-1218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1218"
    },
    {
      "name": "CVE-2007-5848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5848"
    },
    {
      "name": "CVE-2007-5770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5770"
    },
    {
      "name": "CVE-2007-1662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1662"
    },
    {
      "name": "CVE-2007-4709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4709"
    },
    {
      "name": "CVE-2007-5863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5863"
    },
    {
      "name": "CVE-2007-3798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3798"
    },
    {
      "name": "CVE-2006-0024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
    },
    {
      "name": "CVE-2007-5849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5849"
    },
    {
      "name": "CVE-2007-5858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5858"
    },
    {
      "name": "CVE-2007-4131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4131"
    },
    {
      "name": "CVE-2007-6165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6165"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    },
    {
      "name": "CVE-2007-5855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5855"
    },
    {
      "name": "CVE-2007-5854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5854"
    },
    {
      "name": "CVE-2007-4965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4965"
    },
    {
      "name": "CVE-2007-5856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5856"
    },
    {
      "name": "CVE-2007-5850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5850"
    },
    {
      "name": "CVE-2007-5859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5859"
    },
    {
      "name": "CVE-2007-5861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5861"
    },
    {
      "name": "CVE-2007-5860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5860"
    },
    {
      "name": "CVE-2007-4767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4767"
    },
    {
      "name": "CVE-2007-4766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4766"
    },
    {
      "name": "CVE-2007-5847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5847"
    }
  ],
  "links": [],
  "reference": "CERTA-2007-AVI-551",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 307179 du 12 d\u00e9cembre 2007",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    }
  ]
}

CERTA-2008-AVI-008

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités sur VMWare ESX Server et VirtualCenter Management Server permettent notamment à une personne malintentionnée distante d'exécuter du code arbitraire.

Description

Solution

Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	VirtualCenter Management Server 2.
VMware	N/A	VMWare ESX Server 2.0.x ;
VMware	N/A	VMWare ESX Server 3.0.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité VMWare VMSA-2008-0001 du 07 janvier 2008	None	vendor-advisory
Bulletin de sécurité VMWare VMSA-2008-0002 du 07 janvier 2008	None	vendor-advisory
Bulletin de sécurité VMWare VMSA-2008-0002 du 07 janvier 2008 :	-	other
Bulletin de sécurité VMWare VMSA-2008-0001 du 07 janvier 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VirtualCenter Management Server 2.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMWare ESX Server 2.0.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMWare ESX Server 3.0.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s existent sur VMWare ESX Server. Celles-ci\nconcernent des modules ou logiciels utilis\u00e9s par le serveur et r\u00e9cemment\nmis \u00e0 jour : OpenPegasus, Tomcat, Samba, OpenSSL, JRE, util-linux, et\nPerl. Certaines de ces failles permettent notamment \u00e0 une personne\nmalintentionn\u00e9e distante d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5360"
    },
    {
      "name": "CVE-2007-0450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0450"
    },
    {
      "name": "CVE-2007-5135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5135"
    },
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    },
    {
      "name": "CVE-2007-3004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3004"
    },
    {
      "name": "CVE-2005-2090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2090"
    },
    {
      "name": "CVE-2007-5398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5398"
    },
    {
      "name": "CVE-2007-3108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3108"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    },
    {
      "name": "CVE-2006-7195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7195"
    },
    {
      "name": "CVE-2007-5191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5191"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0002 du 07 janvier    2008 :",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0001 du 07 janvier    2008 :",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    }
  ],
  "reference": "CERTA-2008-AVI-008",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-01-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s sur \u003cspan class=\"textit\"\u003eVMWare ESX\nServer\u003c/span\u003e et \u003cspan class=\"textit\"\u003eVirtualCenter Management\nServer\u003c/span\u003e permettent notamment \u00e0 une personne malintentionn\u00e9e\ndistante d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0001 du 07 janvier 2008",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0002 du 07 janvier 2008",
      "url": null
    }
  ]
}

FKIE_CVE-2007-5116

Vulnerability from fkie_nvd - Published: 2007-11-07 23:46 - Updated: 2026-04-23 00:35

Severity ?

Summary

References

URL	Tags
cve@mitre.org	ftp://aix.software.ibm.com/aix/efixes/security/README
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=307179
cve@mitre.org	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
cve@mitre.org	http://lists.vmware.com/pipermail/security-announce/2008/000002.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=120352263023774&w=2
cve@mitre.org	http://secunia.com/advisories/27479
cve@mitre.org	http://secunia.com/advisories/27515
cve@mitre.org	http://secunia.com/advisories/27531	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/27546
cve@mitre.org	http://secunia.com/advisories/27548
cve@mitre.org	http://secunia.com/advisories/27570
cve@mitre.org	http://secunia.com/advisories/27613
cve@mitre.org	http://secunia.com/advisories/27756
cve@mitre.org	http://secunia.com/advisories/27936
cve@mitre.org	http://secunia.com/advisories/28167
cve@mitre.org	http://secunia.com/advisories/28368
cve@mitre.org	http://secunia.com/advisories/28387
cve@mitre.org	http://secunia.com/advisories/28993
cve@mitre.org	http://secunia.com/advisories/29074
cve@mitre.org	http://secunia.com/advisories/31208
cve@mitre.org	http://securitytracker.com/id?1018899
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1
cve@mitre.org	http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244
cve@mitre.org	http://www.debian.org/security/2007/dsa-1400
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml
cve@mitre.org	http://www.ipcop.org/index.php?name=News&file=article&sid=41
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2007:207	Patch
cve@mitre.org	http://www.novell.com/linux/security/advisories/2007_24_sr.html
cve@mitre.org	http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2007-0966.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2007-1011.html
cve@mitre.org	http://www.securityfocus.com/archive/1/483563/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/483584/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/485936/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/486859/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/26350
cve@mitre.org	http://www.ubuntu.com/usn/usn-552-1
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
cve@mitre.org	http://www.vmware.com/security/advisories/VMSA-2008-0001.html
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3724
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4238
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4255
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0064
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0641
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=323571
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=378131
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/38270
cve@mitre.org	https://issues.rpath.com/browse/RPL-1813
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669
af854a3a-2127-422b-91ae-364da2661108	ftp://aix.software.ibm.com/aix/efixes/security/README
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307179
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2008/000002.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120352263023774&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27479
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27515
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27531	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27546
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27548
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27570
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27613
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27756
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27936
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28167
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28368
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28387
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28993
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29074
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31208
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018899
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1400
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.ipcop.org/index.php?name=News&file=article&sid=41
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:207	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_24_sr.html
af854a3a-2127-422b-91ae-364da2661108	http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0966.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1011.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/483563/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/483584/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/485936/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/486859/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26350
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-552-1
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2008-0001.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3724
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4238
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4255
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0064
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0641
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=323571
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=378131
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38270
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1813
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669

Impacted products

Vendor	Product	Version
debian	debian_linux	3.1
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2008.0
mandrakesoft	mandrake_linux	2008.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrake_linux_corporate_server	4.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	5.0
redhat	enterprise_linux	5.0
redhat	enterprise_linux_desktop	3.0
redhat	enterprise_linux_desktop	4.0
redhat	linux_advanced_workstation	2.1
redhat	linux_advanced_workstation	2.1
rpath	rpath_linux	1
larry_wall	perl	5.8.0
larry_wall	perl	5.8.1
larry_wall	perl	5.8.3
larry_wall	perl	5.8.4
larry_wall	perl	5.8.4.1
larry_wall	perl	5.8.4.2
larry_wall	perl	5.8.4.2.3
larry_wall	perl	5.8.4.3
larry_wall	perl	5.8.4.4
larry_wall	perl	5.8.4.5
larry_wall	perl	5.8.6
mandrakesoft	mandrake_multi_network_firewall	2.0
openpkg	openpkg	current
redhat	enterprise_linux	1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "F5114DA3-FBB9-47C4-857B-3212404DAD4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "4D5F5A52-285E-4E7E-83B8-508079DBCEAE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "674BE2D9-009B-46C5-A071-CB10368B8D48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "703486E5-906B-4BDB-A046-28D4D73E3F03",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "ABB5AC0D-2358-4C8E-99B5-2CE0A678F549",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "38B37184-BA88-44F1-AC9E-8B60C2419111",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "0D8C9247-3E18-4DD9-AF5B-B2996C76443F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "0EEA2CDD-7FCD-461E-90FC-CDB3C3992A32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "D7B877A8-5318-402E-8AE1-753E7419060F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "A3938420-087D-4D92-A2F8-EAE54D9837EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:s390:*:*:*:*:*",
              "matchCriteriaId": "4567FE5A-5061-4741-AA6D-4AB365579F8D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "10F42CF8-FB98-4AFC-96C5-FD7D442B0FA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB7AD2F3-451D-4F37-A6F3-DE676804BBA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*",
              "matchCriteriaId": "327FEE54-79EC-4B5E-B838-F3C61FCDF48E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*",
              "matchCriteriaId": "056C1C15-D110-4309-A9A6-41BD753FE4F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*",
              "matchCriteriaId": "08392974-5AC1-4B12-893F-3F733EF05F80",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*",
              "matchCriteriaId": "49EF5B77-9BC9-4AE8-A677-48E5E576BE63",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*",
              "matchCriteriaId": "36389D32-61C1-4487-8399-FA7D2864FACD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*",
              "matchCriteriaId": "49B67F74-AF8F-4A27-AA8A-A8479E256A9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*",
              "matchCriteriaId": "3AA8F2EC-55E9-4529-A816-B5D495605F6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
              "matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD12BC0-1E50-49C6-AD0D-8CE90F0E8449",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D30E072-9E6A-49B4-A5C7-63A328598A68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "434F0580-985F-42AF-BA10-FAB7E2C23ED0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B179E0-C843-46C9-AAD2-78E998175E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5E5A51-ED4C-4927-8C4D-502E79391E19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "171C82CB-2E92-4D41-B1B1-DCFE929E8270",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "25633253-D9DE-41F0-A787-D0E8B2B3B9F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEDF9611-E4E2-4059-B45E-D3A61AC9DB47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "49A9D197-D889-4BE4-BE7A-2EE9536A7498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0A4538C-3870-431E-A225-D8523D77A4E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8233B3A-E09D-425B-B1A1-65CD170FD384",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E35450A-07C3-40B9-88FA-3ACCA498F019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77FF1412-A7DA-4669-8AE1-5A529AB387FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*",
              "matchCriteriaId": "D342447B-5233-45FD-B1CF-8D84921402AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:1.0:*:application_stack:*:*:*:*:*",
              "matchCriteriaId": "BCCA408D-B65C-45F3-80E8-3B8D4ACE047C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en el soporte opcode polim\u00f3rfico del Motor de Expresiones Regulares (regcomp.c) en Perl 5.8 permite a atacantes dependientes de contexto ejecutar c\u00f3digo de su elecci\u00f3n cambiando de byte a caracteres Unicode (UTF) en una expresi\u00f3n regular."
    }
  ],
  "id": "CVE-2007-5116",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-07T23:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27479"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27515"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27531"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27546"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27548"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27570"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27613"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27756"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27936"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28167"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28368"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28387"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28993"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/29074"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31208"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018899"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2007/dsa-1400"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26350"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-552-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3724"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/4255"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0064"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0641"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://issues.rpath.com/browse/RPL-1813"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27515"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27531"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27570"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27613"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28368"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28993"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31208"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018899"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1400"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26350"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-552-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3724"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4255"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1813"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-3WP4-6PWM-VCXJ

Vulnerability from github – Published: 2022-05-03 03:18 – Updated: 2022-05-03 03:18

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-5116"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-11-07T23:46:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.",
  "id": "GHSA-3wp4-6pwm-vcxj",
  "modified": "2022-05-03T03:18:25Z",
  "published": "2022-05-03T03:18:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5116"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1813"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27479"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27515"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27531"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27546"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27548"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27570"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27613"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27756"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27936"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28167"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28368"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28387"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28993"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29074"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31208"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1018899"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
    },
    {
      "type": "WEB",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1400"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26350"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-552-1"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/3724"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4255"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0064"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0641"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2007-5116

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-5116

Aliases

CVE-2007-5116

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-5116",
    "description": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.",
    "id": "GSD-2007-5116",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-5116.html",
      "https://www.debian.org/security/2007/dsa-1400",
      "https://access.redhat.com/errata/RHSA-2010:0602",
      "https://access.redhat.com/errata/RHSA-2007:1011",
      "https://access.redhat.com/errata/RHSA-2007:0966",
      "https://linux.oracle.com/cve/CVE-2007-5116.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-5116"
      ],
      "details": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.",
      "id": "GSD-2007-5116",
      "modified": "2023-12-13T01:21:40.679479Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-5116",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "27479",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27479"
          },
          {
            "name": "DSA-1400",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2007/dsa-1400"
          },
          {
            "name": "HPSBTU02311",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
          },
          {
            "name": "SSRT080001",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
          },
          {
            "name": "ADV-2007-4238",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "TA07-352A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "IZ10244",
            "refsource": "AIXAPAR",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
          },
          {
            "name": "27936",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27936"
          },
          {
            "name": "20071110 FLEA-2007-0063-1 perl",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
          },
          {
            "name": "28993",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28993"
          },
          {
            "name": "IZ10220",
            "refsource": "AIXAPAR",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1813",
            "refsource": "CONFIRM",
            "url": "https://issues.rpath.com/browse/RPL-1813"
          },
          {
            "name": "31524",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
          },
          {
            "name": "USN-552-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/usn-552-1"
          },
          {
            "name": "oval:org.mitre.oval:def:10669",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
          },
          {
            "name": "1018899",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1018899"
          },
          {
            "name": "ADV-2008-0641",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0641"
          },
          {
            "name": "27756",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27756"
          },
          {
            "name": "RHSA-2007:0966",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
          },
          {
            "name": "29074",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29074"
          },
          {
            "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
          },
          {
            "name": "27548",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27548"
          },
          {
            "name": "RHSA-2007:1011",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
          },
          {
            "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "refsource": "MLIST",
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=323571",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
          },
          {
            "name": "27546",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27546"
          },
          {
            "name": "GLSA-200711-28",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
          },
          {
            "name": "ADV-2007-3724",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/3724"
          },
          {
            "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm",
            "refsource": "CONFIRM",
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
          },
          {
            "name": "OpenPKG-SA-2007.023",
            "refsource": "OPENPKG",
            "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=378131",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
          },
          {
            "name": "231524",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
          },
          {
            "name": "27531",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27531"
          },
          {
            "name": "APPLE-SA-2007-12-17",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "name": "27515",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27515"
          },
          {
            "name": "27570",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27570"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=307179",
            "refsource": "CONFIRM",
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "27613",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27613"
          },
          {
            "name": "28368",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28368"
          },
          {
            "name": "SUSE-SR:2007:024",
            "refsource": "SUSE",
            "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
          },
          {
            "name": "1018985",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
          },
          {
            "name": "MDKSA-2007:207",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
          },
          {
            "name": "ADV-2007-4255",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/4255"
          },
          {
            "name": "20071112 FLEA-2007-0069-1 perl",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
          },
          {
            "name": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41",
            "refsource": "CONFIRM",
            "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
          },
          {
            "name": "perl-unicode-bo(38270)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
          },
          {
            "name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
            "refsource": "CONFIRM",
            "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
          },
          {
            "name": "31208",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31208"
          },
          {
            "name": "28387",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28387"
          },
          {
            "name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
          },
          {
            "name": "ADV-2008-0064",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0064"
          },
          {
            "name": "28167",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28167"
          },
          {
            "name": "26350",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/26350"
          },
          {
            "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:s390:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:1.0:*:application_stack:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5116"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=323571",
              "refsource": "MISC",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
            },
            {
              "name": "MDKSA-2007:207",
              "refsource": "MANDRIVA",
              "tags": [
                "Patch"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
            },
            {
              "name": "RHSA-2007:0966",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
            },
            {
              "name": "RHSA-2007:1011",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
            },
            {
              "name": "26350",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/26350"
            },
            {
              "name": "27531",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27531"
            },
            {
              "name": "27546",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27546"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=378131",
              "refsource": "MISC",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1813",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.rpath.com/browse/RPL-1813"
            },
            {
              "name": "DSA-1400",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2007/dsa-1400"
            },
            {
              "name": "GLSA-200711-28",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
            },
            {
              "name": "OpenPKG-SA-2007.023",
              "refsource": "OPENPKG",
              "tags": [],
              "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
            },
            {
              "name": "SUSE-SR:2007:024",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
            },
            {
              "name": "USN-552-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-552-1"
            },
            {
              "name": "1018899",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1018899"
            },
            {
              "name": "27479",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27479"
            },
            {
              "name": "27515",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27515"
            },
            {
              "name": "27548",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27548"
            },
            {
              "name": "27613",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27613"
            },
            {
              "name": "27570",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27570"
            },
            {
              "name": "27936",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27936"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307179",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=307179"
            },
            {
              "name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
            },
            {
              "name": "IZ10220",
              "refsource": "AIXAPAR",
              "tags": [],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
            },
            {
              "name": "IZ10244",
              "refsource": "AIXAPAR",
              "tags": [],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
            },
            {
              "name": "APPLE-SA-2007-12-17",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
            },
            {
              "name": "TA07-352A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
            },
            {
              "name": "28167",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/28167"
            },
            {
              "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
            },
            {
              "name": "28368",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/28368"
            },
            {
              "name": "28387",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/28387"
            },
            {
              "name": "27756",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27756"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
            },
            {
              "name": "31524",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
            },
            {
              "name": "28993",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/28993"
            },
            {
              "name": "29074",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29074"
            },
            {
              "name": "231524",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
            },
            {
              "name": "31208",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31208"
            },
            {
              "name": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
            },
            {
              "name": "1018985",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
            },
            {
              "name": "ADV-2007-4238",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/4238"
            },
            {
              "name": "ADV-2008-0064",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0064"
            },
            {
              "name": "ADV-2008-0641",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0641"
            },
            {
              "name": "ADV-2007-3724",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/3724"
            },
            {
              "name": "ADV-2007-4255",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/4255"
            },
            {
              "name": "HPSBTU02311",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
            },
            {
              "name": "perl-unicode-bo(38270)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
            },
            {
              "name": "oval:org.mitre.oval:def:10669",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
            },
            {
              "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
            },
            {
              "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
            },
            {
              "name": "20071112 FLEA-2007-0069-1 perl",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
            },
            {
              "name": "20071110 FLEA-2007-0063-1 perl",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-15T21:40Z",
      "publishedDate": "2007-11-07T23:46Z"
    }
  }
}

OPENSUSE-SU-2024:11158-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

perl-32bit-5.34.0-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: perl-32bit-5.34.0-1.1 on GA media

Description of the patch: These are all security issues fixed in the perl-32bit-5.34.0-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-11158

CVE-2005-3962

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2007-5116

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-12814

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64	—	Vendor Fix

Threats

Impact critical

CVE-2017-12837

4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-12883

5.1 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2018-18311

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-18312

5.3 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2020-10543

6.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2020-10878

6.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2020-12723

6.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

38 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2005-3962/	self
https://www.suse.com/security/cve/CVE-2007-5116/	self
https://www.suse.com/security/cve/CVE-2017-12814/	self
https://www.suse.com/security/cve/CVE-2017-12837/	self
https://www.suse.com/security/cve/CVE-2017-12883/	self
https://www.suse.com/security/cve/CVE-2018-18311/	self
https://www.suse.com/security/cve/CVE-2018-18312/	self
https://www.suse.com/security/cve/CVE-2020-10543/	self
https://www.suse.com/security/cve/CVE-2020-10878/	self
https://www.suse.com/security/cve/CVE-2020-12723/	self
https://www.suse.com/security/cve/CVE-2005-3962	external
https://bugzilla.suse.com/136360	external
https://www.suse.com/security/cve/CVE-2007-5116	external
https://bugzilla.suse.com/332199	external
https://bugzilla.suse.com/372331	external
https://bugzilla.suse.com/915514	external
https://www.suse.com/security/cve/CVE-2017-12814	external
https://bugzilla.suse.com/1057727	external
https://www.suse.com/security/cve/CVE-2017-12837	external
https://bugzilla.suse.com/1057724	external
https://www.suse.com/security/cve/CVE-2017-12883	external
https://bugzilla.suse.com/1057721	external
https://www.suse.com/security/cve/CVE-2018-18311	external
https://bugzilla.suse.com/1114674	external
https://bugzilla.suse.com/1132018	external
https://www.suse.com/security/cve/CVE-2018-18312	external
https://bugzilla.suse.com/1114675	external
https://www.suse.com/security/cve/CVE-2020-10543	external
https://bugzilla.suse.com/1171863	external
https://bugzilla.suse.com/1225627	external
https://www.suse.com/security/cve/CVE-2020-10878	external
https://bugzilla.suse.com/1171864	external
https://bugzilla.suse.com/1225627	external
https://www.suse.com/security/cve/CVE-2020-12723	external
https://bugzilla.suse.com/1171866	external
https://bugzilla.suse.com/1225627	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "perl-32bit-5.34.0-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the perl-32bit-5.34.0-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-11158",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11158-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2005-3962 page",
        "url": "https://www.suse.com/security/cve/CVE-2005-3962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-5116 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-5116/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-12814 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-12814/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-12837 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-12837/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-12883 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-12883/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18311 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18311/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18312 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18312/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-10543 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-10543/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-10878 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-10878/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12723 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12723/"
      }
    ],
    "title": "perl-32bit-5.34.0-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:11158-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "perl-5.34.0-1.1.aarch64",
                "product": {
                  "name": "perl-5.34.0-1.1.aarch64",
                  "product_id": "perl-5.34.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-32bit-5.34.0-1.1.aarch64",
                "product": {
                  "name": "perl-32bit-5.34.0-1.1.aarch64",
                  "product_id": "perl-32bit-5.34.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-base-5.34.0-1.1.aarch64",
                "product": {
                  "name": "perl-base-5.34.0-1.1.aarch64",
                  "product_id": "perl-base-5.34.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-base-32bit-5.34.0-1.1.aarch64",
                "product": {
                  "name": "perl-base-32bit-5.34.0-1.1.aarch64",
                  "product_id": "perl-base-32bit-5.34.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-doc-5.34.0-1.1.aarch64",
                "product": {
                  "name": "perl-doc-5.34.0-1.1.aarch64",
                  "product_id": "perl-doc-5.34.0-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "perl-5.34.0-1.1.ppc64le",
                "product": {
                  "name": "perl-5.34.0-1.1.ppc64le",
                  "product_id": "perl-5.34.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "perl-32bit-5.34.0-1.1.ppc64le",
                "product": {
                  "name": "perl-32bit-5.34.0-1.1.ppc64le",
                  "product_id": "perl-32bit-5.34.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "perl-base-5.34.0-1.1.ppc64le",
                "product": {
                  "name": "perl-base-5.34.0-1.1.ppc64le",
                  "product_id": "perl-base-5.34.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "perl-base-32bit-5.34.0-1.1.ppc64le",
                "product": {
                  "name": "perl-base-32bit-5.34.0-1.1.ppc64le",
                  "product_id": "perl-base-32bit-5.34.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "perl-doc-5.34.0-1.1.ppc64le",
                "product": {
                  "name": "perl-doc-5.34.0-1.1.ppc64le",
                  "product_id": "perl-doc-5.34.0-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "perl-5.34.0-1.1.s390x",
                "product": {
                  "name": "perl-5.34.0-1.1.s390x",
                  "product_id": "perl-5.34.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "perl-32bit-5.34.0-1.1.s390x",
                "product": {
                  "name": "perl-32bit-5.34.0-1.1.s390x",
                  "product_id": "perl-32bit-5.34.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "perl-base-5.34.0-1.1.s390x",
                "product": {
                  "name": "perl-base-5.34.0-1.1.s390x",
                  "product_id": "perl-base-5.34.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "perl-base-32bit-5.34.0-1.1.s390x",
                "product": {
                  "name": "perl-base-32bit-5.34.0-1.1.s390x",
                  "product_id": "perl-base-32bit-5.34.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "perl-doc-5.34.0-1.1.s390x",
                "product": {
                  "name": "perl-doc-5.34.0-1.1.s390x",
                  "product_id": "perl-doc-5.34.0-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "perl-5.34.0-1.1.x86_64",
                "product": {
                  "name": "perl-5.34.0-1.1.x86_64",
                  "product_id": "perl-5.34.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-32bit-5.34.0-1.1.x86_64",
                "product": {
                  "name": "perl-32bit-5.34.0-1.1.x86_64",
                  "product_id": "perl-32bit-5.34.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-base-5.34.0-1.1.x86_64",
                "product": {
                  "name": "perl-base-5.34.0-1.1.x86_64",
                  "product_id": "perl-base-5.34.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-base-32bit-5.34.0-1.1.x86_64",
                "product": {
                  "name": "perl-base-32bit-5.34.0-1.1.x86_64",
                  "product_id": "perl-base-32bit-5.34.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-doc-5.34.0-1.1.x86_64",
                "product": {
                  "name": "perl-doc-5.34.0-1.1.x86_64",
                  "product_id": "perl-doc-5.34.0-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-5.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64"
        },
        "product_reference": "perl-5.34.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-5.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le"
        },
        "product_reference": "perl-5.34.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-5.34.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x"
        },
        "product_reference": "perl-5.34.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-5.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64"
        },
        "product_reference": "perl-5.34.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-32bit-5.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64"
        },
        "product_reference": "perl-32bit-5.34.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-32bit-5.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le"
        },
        "product_reference": "perl-32bit-5.34.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-32bit-5.34.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x"
        },
        "product_reference": "perl-32bit-5.34.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-32bit-5.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64"
        },
        "product_reference": "perl-32bit-5.34.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-base-5.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64"
        },
        "product_reference": "perl-base-5.34.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-base-5.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le"
        },
        "product_reference": "perl-base-5.34.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-base-5.34.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x"
        },
        "product_reference": "perl-base-5.34.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-base-5.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64"
        },
        "product_reference": "perl-base-5.34.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-base-32bit-5.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64"
        },
        "product_reference": "perl-base-32bit-5.34.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-base-32bit-5.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le"
        },
        "product_reference": "perl-base-32bit-5.34.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-base-32bit-5.34.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x"
        },
        "product_reference": "perl-base-32bit-5.34.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-base-32bit-5.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64"
        },
        "product_reference": "perl-base-32bit-5.34.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-doc-5.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64"
        },
        "product_reference": "perl-doc-5.34.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-doc-5.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le"
        },
        "product_reference": "perl-doc-5.34.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-doc-5.34.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x"
        },
        "product_reference": "perl-doc-5.34.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-doc-5.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
        },
        "product_reference": "perl-doc-5.34.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2005-3962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2005-3962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2005-3962",
          "url": "https://www.suse.com/security/cve/CVE-2005-3962"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 136360 for CVE-2005-3962",
          "url": "https://bugzilla.suse.com/136360"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2005-3962"
    },
    {
      "cve": "CVE-2007-5116",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-5116"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-5116",
          "url": "https://www.suse.com/security/cve/CVE-2007-5116"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 332199 for CVE-2007-5116",
          "url": "https://bugzilla.suse.com/332199"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 372331 for CVE-2007-5116",
          "url": "https://bugzilla.suse.com/372331"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 915514 for CVE-2007-5116",
          "url": "https://bugzilla.suse.com/915514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2007-5116"
    },
    {
      "cve": "CVE-2017-12814",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-12814"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-12814",
          "url": "https://www.suse.com/security/cve/CVE-2017-12814"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1057727 for CVE-2017-12814",
          "url": "https://bugzilla.suse.com/1057727"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2017-12814"
    },
    {
      "cve": "CVE-2017-12837",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-12837"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive modifier.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-12837",
          "url": "https://www.suse.com/security/cve/CVE-2017-12837"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1057724 for CVE-2017-12837",
          "url": "https://bugzilla.suse.com/1057724"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-12837"
    },
    {
      "cve": "CVE-2017-12883",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-12883"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid \u0027\\N{U+...}\u0027 escape.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-12883",
          "url": "https://www.suse.com/security/cve/CVE-2017-12883"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1057721 for CVE-2017-12883",
          "url": "https://bugzilla.suse.com/1057721"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-12883"
    },
    {
      "cve": "CVE-2018-18311",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18311"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18311",
          "url": "https://www.suse.com/security/cve/CVE-2018-18311"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1114674 for CVE-2018-18311",
          "url": "https://bugzilla.suse.com/1114674"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1132018 for CVE-2018-18311",
          "url": "https://bugzilla.suse.com/1132018"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18311"
    },
    {
      "cve": "CVE-2018-18312",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18312"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18312",
          "url": "https://www.suse.com/security/cve/CVE-2018-18312"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1114675 for CVE-2018-18312",
          "url": "https://bugzilla.suse.com/1114675"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-18312"
    },
    {
      "cve": "CVE-2020-10543",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-10543"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-10543",
          "url": "https://www.suse.com/security/cve/CVE-2020-10543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171863 for CVE-2020-10543",
          "url": "https://bugzilla.suse.com/1171863"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225627 for CVE-2020-10543",
          "url": "https://bugzilla.suse.com/1225627"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-10543"
    },
    {
      "cve": "CVE-2020-10878",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-10878"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-10878",
          "url": "https://www.suse.com/security/cve/CVE-2020-10878"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171864 for CVE-2020-10878",
          "url": "https://bugzilla.suse.com/1171864"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225627 for CVE-2020-10878",
          "url": "https://bugzilla.suse.com/1225627"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-10878"
    },
    {
      "cve": "CVE-2020-12723",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12723"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
          "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12723",
          "url": "https://www.suse.com/security/cve/CVE-2020-12723"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171866 for CVE-2020-12723",
          "url": "https://bugzilla.suse.com/1171866"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225627 for CVE-2020-12723",
          "url": "https://bugzilla.suse.com/1225627"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
            "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-12723"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-5116 (GCVE-0-2007-5116)

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Tags

Sightings

Nomenclature