7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.036 Low
EPSS
Percentile
90.6%
Perl is a high-level programming language commonly used for system
administration utilities and web programming.
A heap-based buffer overflow flaw was found in the way Perl decoded Unicode
strings. An attacker could create a malicious Unicode string that, when
decoded by a Perl program, would cause the program to crash or,
potentially, execute arbitrary code with the permissions of the user
running the program. (CVE-2011-2939)
It was found that the “new” constructor of the Digest module used its
argument as part of the string expression passed to the eval() function. An
attacker could possibly use this flaw to execute arbitrary Perl code with
the privileges of a Perl program that uses untrusted input as an argument
to the constructor. (CVE-2011-3597)
All Perl users should upgrade to these updated packages, which contain
backported patches to correct these issues. All running Perl programs must
be restarted for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | x86_64 | perl-libs | < 5.10.1-119.el6_1.1 | perl-libs-5.10.1-119.el6_1.1.x86_64.rpm |
RedHat | 6 | x86_64 | perl-time-hires | < 1.9721-119.el6_1.1 | perl-Time-HiRes-1.9721-119.el6_1.1.x86_64.rpm |
RedHat | 6 | x86_64 | perl-extutils-parsexs | < 2.2003.0-119.el6_1.1 | perl-ExtUtils-ParseXS-2.2003.0-119.el6_1.1.x86_64.rpm |
RedHat | 6 | i686 | perl-params-check | < 0.26-119.el6_1.1 | perl-Params-Check-0.26-119.el6_1.1.i686.rpm |
RedHat | 6 | s390x | perl-test-simple | < 0.92-119.el6_1.1 | perl-Test-Simple-0.92-119.el6_1.1.s390x.rpm |
RedHat | 6 | s390x | perl-file-fetch | < 0.26-119.el6_1.1 | perl-File-Fetch-0.26-119.el6_1.1.s390x.rpm |
RedHat | 6 | i686 | perl-extutils-makemaker | < 6.55-119.el6_1.1 | perl-ExtUtils-MakeMaker-6.55-119.el6_1.1.i686.rpm |
RedHat | 6 | ppc64 | perl-cpanplus | < 0.88-119.el6_1.1 | perl-CPANPLUS-0.88-119.el6_1.1.ppc64.rpm |
RedHat | 6 | i686 | perl-parent | < 0.221-119.el6_1.1 | perl-parent-0.221-119.el6_1.1.i686.rpm |
RedHat | 6 | ppc64 | perl-devel | < 5.10.1-119.el6_1.1 | perl-devel-5.10.1-119.el6_1.1.ppc64.rpm |