The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Perl Core

computer vulnerability note CVE-2018-18314

Perl Core: buffer overflow via S_regatom

Synthesis of the vulnerability

An attacker can generate a buffer overflow via S_regatom() of Perl Core, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Fedora, Snap Creator Framework, OpenBSD, openSUSE Leap, Solaris, Perl Core, RHEL, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 30/11/2018.
Identifiers: bulletinapr2019, CVE-2018-18314, DSA-4347-1, FEDORA-2018-9dbe983805, FEDORA-2018-ca03363d57, NTAP-20190221-0003, openSUSE-SU-2018:4258-1, RHSA-2019:0001-01, RHSA-2019:0010-01, SUSE-SU-2018:4187-1, USN-3834-1, USN-3834-2, VIGILANCE-VUL-27919.

Description of the vulnerability

An attacker can generate a buffer overflow via S_regatom() of Perl Core, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2018-18313

Perl Core: out-of-bounds memory reading via S_grok_bslash_N

Synthesis of the vulnerability

An attacker can force a read at an invalid address via S_grok_bslash_N() of Perl Core, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Mac OS X, Debian, Fedora, Snap Creator Framework, OpenBSD, openSUSE Leap, Solaris, Perl Core, RHEL, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 30/11/2018.
Identifiers: 133192, bulletinapr2019, CVE-2018-18313, DSA-4347-1, FEDORA-2018-9dbe983805, FEDORA-2018-ca03363d57, HT209600, NTAP-20190221-0003, openSUSE-SU-2018:4258-1, RHSA-2019:0001-01, RHSA-2019:0010-01, SUSE-SU-2018:4187-1, USN-3834-1, USN-3834-2, VIGILANCE-VUL-27918.

Description of the vulnerability

An attacker can force a read at an invalid address via S_grok_bslash_N() of Perl Core, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2018-18312

Perl Core: buffer overflow via Regular Expression Compilation

Synthesis of the vulnerability

An attacker can generate a buffer overflow via Regular Expression Compilation of Perl Core, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Fedora, Snap Creator Framework, OpenBSD, openSUSE Leap, Solaris, Perl Core, RHEL, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 30/11/2018.
Identifiers: 133423, bulletinapr2019, CVE-2018-18312, DSA-4347-1, FEDORA-2018-9dbe983805, FEDORA-2018-ca03363d57, NTAP-20190221-0003, openSUSE-SU-2018:4258-1, RHSA-2019:0001-01, RHSA-2019:0010-01, SUSE-SU-2018:4187-1, USN-3834-1, USN-3834-2, VIGILANCE-VUL-27917.

Description of the vulnerability

An attacker can generate a buffer overflow via Regular Expression Compilation of Perl Core, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-18311

Perl Core: integer overflow via Perl_my_setenv

Synthesis of the vulnerability

An attacker can generate an integer overflow via Perl_my_setenv() of Perl Core, in order to trigger a denial of service, and possibly to run code.
Impacted products: Mac OS X, Debian, Fedora, McAfee Web Gateway, Snap Creator Framework, OpenBSD, openSUSE Leap, Solaris, Perl Core, RHEL, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 30/11/2018.
Identifiers: 133204, bulletinjan2019, CVE-2018-18311, DLA-1601-1, DSA-4347-1, FEDORA-2018-9dbe983805, FEDORA-2018-ca03363d57, HT209600, NTAP-20190221-0003, openSUSE-SU-2018:4258-1, RHSA-2019:0001-01, RHSA-2019:0010-01, RHSA-2019:0109-01, SB10276, SB10278, SUSE-SU-2018:4187-1, USN-3834-1, USN-3834-2, VIGILANCE-VUL-27916.

Description of the vulnerability

An attacker can generate an integer overflow via Perl_my_setenv() of Perl Core, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2018-6798

Perl Core: buffer overflow via Perl__byte_dump_string

Synthesis of the vulnerability

An attacker can generate a buffer overflow via Perl__byte_dump_string of Perl Core, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Fedora, OpenBSD, openSUSE Leap, Solaris, Perl Core, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 16/04/2018.
Identifiers: 132063, bulletinjan2019, CVE-2018-6798, DSA-4172-1, FEDORA-2018-0050f7c0d1, FEDORA-2018-1c8b49fbc7, FEDORA-2018-d1ba58394e, openSUSE-SU-2018:1095-1, RHSA-2018:1192-01, SUSE-SU-2018:1972-1, USN-3625-1, USN-3625-2, VIGILANCE-VUL-25878.

Description of the vulnerability

An attacker can generate a buffer overflow via Perl__byte_dump_string of Perl Core, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2018-6797

Perl Core: buffer overflow via S_regatom

Synthesis of the vulnerability

An attacker can generate a buffer overflow via S_regatom of Perl Core, in order to trigger a denial of service, and possibly to run code.
Impacted products: Mac OS X, Debian, Fedora, OpenBSD, openSUSE Leap, Solaris, Perl Core, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 16/04/2018.
Identifiers: 132227, bulletinjan2019, CVE-2018-6797, DSA-4172-1, FEDORA-2018-0050f7c0d1, FEDORA-2018-1c8b49fbc7, FEDORA-2018-d1ba58394e, HT208937, HT209193, openSUSE-SU-2018:1095-1, RHSA-2018:1192-01, SUSE-SU-2018:1972-1, USN-3625-1, USN-3625-2, VIGILANCE-VUL-25877.

Description of the vulnerability

An attacker can generate a buffer overflow via S_regatom of Perl Core, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2018-6913

Perl Core: buffer overflow via S_pack_rec

Synthesis of the vulnerability

An attacker can generate a buffer overflow via S_pack_rec of Perl Core, in order to trigger a denial of service, and possibly to run code.
Impacted products: Mac OS X, Debian, Fedora, OpenBSD, openSUSE Leap, Solaris, Perl Core, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 16/04/2018.
Identifiers: 131844, bulletinjan2019, CVE-2018-6913, DLA-1345-1, DSA-4172-1, FEDORA-2018-0050f7c0d1, FEDORA-2018-1c8b49fbc7, FEDORA-2018-d1ba58394e, HT208937, openSUSE-SU-2018:1095-1, SUSE-SU-2018:1972-1, USN-3625-1, USN-3625-2, VIGILANCE-VUL-25875.

Description of the vulnerability

The Perl Core product offers a web service.

However, if the size of data is greater than the size of the storage array, an overflow occurs.

An attacker can therefore generate a buffer overflow via S_pack_rec of Perl Core, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-12814

Perl Core: buffer overflow via CPerlHost-Add Environment Variable

Synthesis of the vulnerability

An attacker can generate a buffer overflow via CPerlHost::Add() of Perl Core, in order to trigger a denial of service, and possibly to run code.
Impacted products: Perl Core.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 28/09/2017.
Identifiers: 131665, CVE-2017-12814, VIGILANCE-VUL-23962.

Description of the vulnerability

An attacker can generate a buffer overflow via CPerlHost::Add() of Perl Core, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-12883

Perl Core: denial of service via regcomp RExC_parse

Synthesis of the vulnerability

An attacker can generate a fatal error via regcomp() RExC_parse() of Perl Core, in order to trigger a denial of service.
Impacted products: Debian, Fedora, OpenBSD, openSUSE Leap, Solaris, Perl Core, pfSense, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 21/09/2017.
Identifiers: bulletinapr2018, CVE-2017-12883, DSA-3982-1, FEDORA-2017-2008fdd7e2, FEDORA-2017-89492f7161, openSUSE-SU-2017:3101-1, USN-3478-1, USN-3478-2, VIGILANCE-VUL-23893.

Description of the vulnerability

An attacker can generate a fatal error via regcomp() RExC_parse() of Perl Core, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-12837

Perl Core: denial of service via regcomp S_regatom

Synthesis of the vulnerability

An attacker can generate a fatal error via regcomp() S_regatom() of Perl Core, in order to trigger a denial of service.
Impacted products: Debian, Fedora, OpenBSD, openSUSE Leap, Solaris, Perl Core, pfSense, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 21/09/2017.
Identifiers: bulletinapr2018, CVE-2017-12837, DSA-3982-1, FEDORA-2017-2008fdd7e2, FEDORA-2017-89492f7161, openSUSE-SU-2017:3101-1, USN-3478-1, USN-3478-2, VIGILANCE-VUL-23892.

Description of the vulnerability

An attacker can generate a fatal error via regcomp() S_regatom() of Perl Core, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Perl Core: