Launchpad.net

CVE 2007-5116

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.

Related bugs and status

CVE-2007-5116 (Candidate) is related to these bugs:

Bug #160693: [perl] [cve-2007-5116] heap overflow

Summary				In	Importance	Status
	160693	[perl] [cve-2007-5116] heap overflow		perl (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.redha...
MANDRIVA: MDKSA-2007:207
REDHAT: RHSA-2007:0966
REDHAT: RHSA-2007:1011
BID: 26350
SECUNIA: 27531
SECUNIA: 27546
DEBIAN: DSA-1400
SECUNIA: 27479
CONFIRM: https://issues.rpath.c...
SECTRACK: 1018899
SECUNIA: 27515
SECUNIA: 27548
MISC: https://bugzilla.redha...
OPENPKG: OpenPKG-SA-2007.023
SECUNIA: 27613
GENTOO: GLSA-200711-28
SECUNIA: 27570
SUSE: SUSE-SR:2007:024
UBUNTU: USN-552-1
SECUNIA: 27936
CONFIRM: http://docs.info.apple...
APPLE: APPLE-SA-2007-12-17
CERT: TA07-352A
CONFIRM: ftp://aix.software.ibm...
AIXAPAR: IZ10220
AIXAPAR: IZ10244
SECUNIA: 28167
MLIST: [Security-announce] 20...
CONFIRM: http://support.avaya.c...
SECUNIA: 28368
SECUNIA: 28387
SECUNIA: 27756
CONFIRM: http://www.vmware.com/...
SUNALERT: 31524
SECUNIA: 28993
SECUNIA: 29074
SUNALERT: 231524
SECUNIA: 31208
VUPEN: ADV-2007-3724
VUPEN: ADV-2007-4238
VUPEN: ADV-2007-4255
VUPEN: ADV-2008-0064
VUPEN: ADV-2008-0641
SUNALERT: 1018985
CONFIRM: http://www.ipcop.org/i...
HP: HPSBTU02311
HP: SSRT080001
XF: perl-unicode-bo(38270)
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20071110 FLEA-2007-006...
BUGTRAQ: 20071112 FLEA-2007-006...
BUGTRAQ: 20080108 VMSA-2008-000...
BUGTRAQ: 20080123 UPDATED VMSA-...