Debian Perl vulnerabilities

73 known vulnerabilities affecting debian/perl.

Total CVEs: 73
CISA KEV: 0
Public exploits: 9
Exploited in wild: 1
Severity breakdown: CRITICAL 8, HIGH 23, MEDIUM 16, LOW 26

Vulnerabilities

Page 3 of 4
CVE-2011-1487 | LOW | CVSS 5.0 | PoC | fixed in perl 5.10.1-20 (bookworm) | 2011
CVE-2011-1487 [MEDIUM] perl - The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string. Scope: local. bookworm: resolved (fixed i
debian
CVE-2011-3597 | LOW | CVSS 7.5 | PoC | fixed in perl 5.12.4-6 (bookworm) | 2011
CVE-2011-3597 [HIGH] perl - Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. Scope: local. bookworm: resolved (fixed in 5.12.4-6); bullseye: resolved (fixed in 5.12.4-6); forky: resolved (fixed in 5.12.4-6); sid: resolved (fixed in 5.12.4-6); trixie: resolved (fixed in 5.12.4-6)
debian
CVE-2011-0761 | LOW | CVSS 5.0 | PoC | fixed in perl 5.12.0-1 (bookworm) | 2011
CVE-2011-0761 [MEDIUM] perl - Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) readdir, (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir function call. Scope: local. bookworm: resolved (fixed in 5.12.0-1); bullseye: resolved (fixed
debian
CVE-2011-2728 | LOW | CVSS 4.3 | fixed in perl 5.14.2-1 (bookworm) | 2011
CVE-2011-2728 [MEDIUM] perl - The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference. Scope: local. bookworm: resolved (fixed in 5.14.2-1); bullseye: resolved (fixed in 5.14.2-1); forky: resolved (fixed in 5.14.2
debian
CVE-2010-1447 | HIGH | CVSS 8.5 | fixed in perl 5.12.3-1 (bookworm) | 2010
CVE-2010-1447 [HIGH] perl - The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execut
debian
CVE-2010-1168 | HIGH | CVSS 7.5 | fixed in perl 5.10.1-13 (bookworm) | 2010
CVE-2010-1168 [HIGH] perl - The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to "automagic methods." S
debian
CVE-2010-4410 | MEDIUM | CVSS 4.3 | fixed in libcgi-pm-perl 3.50-1 (bookworm) | 2010
CVE-2010-4410 [MEDIUM] libcgi-pm-perl - CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and C
debian
CVE-2010-4411 | MEDIUM | CVSS 4.3 | fixed in libcgi-pm-perl 3.51-1 (bookworm) | 2010
CVE-2010-4411 [MEDIUM] libcgi-pm-perl - Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761. Scope: local. bookworm: resolved (fixed in 3.51-1); bullseye: resolved (fixed in 3.51-1); forky: resolved (fixed in 3
debian
CVE-2010-2761 | MEDIUM | CVSS 4.3 | fixed in libcgi-pm-perl 3.50-1 (bookworm) | 2010
CVE-2010-2761 [MEDIUM] libcgi-pm-perl - The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vuln
debian
CVE-2010-1158 | LOW | CVSS 5.0 | 2010
CVE-2010-1158 [MEDIUM] perl - Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service (stack consumption and application crash) by matching a crafted regular expression against a long string. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2010-4777 | LOW | CVSS 4.3 | PoC | fixed in perl 5.20.1-1 (bookworm) | 2010
CVE-2010-4777 [MEDIUM] perl - The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSI
debian
CVE-2009-3626 | MEDIUM | CVSS 5.0 | fixed in perl 5.10.1-6 (bookworm) | 2009
CVE-2009-3626 [MEDIUM] perl - Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match. Scope: local. bookworm: resolved (fixed in 5.10.1-6); bullseye: resolved (fixed in 5.10.1-6); forky: resolved (fixed in 5.10.1-6); sid: resolved (fixed in 5.10
debian
CVE-2009-1391 | LOW | CVSS 6.8 | Exploited | PoC | fixed in libcompress-raw-zlib-perl 2.015-2 (bookworm) | 2009
CVE-2009-1391 [MEDIUM] libcompress-raw-zlib-perl - Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild b
debian
CVE-2008-2827 | MEDIUM | CVSS 2.6 | PoC | fixed in perl 5.10.0-11 (bookworm) | 2008
CVE-2008-2827 [LOW] perl - The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452. Scope: local. bookworm: resolved (fixed in 5.10.0-11); bullseye: resolved (fixed in 5.10.0-11); forky: re
debian
CVE-2008-1927 | MEDIUM | CVSS 5.0 | fixed in perl 5.10.0-1 (bookworm) | 2008
CVE-2008-1927 [MEDIUM] perl - Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems. Scope: local. bookworm: resolved (fixed in 5.10.0-1); bullseye: resolved (fixed in 5.10.0-1); forky: resolved
debian
CVE-2008-5303 | LOW | CVSS 2.6 | fixed in perl 5.10.0-18 (bookworm) | 2008
CVE-2008-5303 [LOW] perl - Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions. Scope: local b
debian
CVE-2008-5302 | LOW | CVSS 2.6 | fixed in perl 5.10.0-18 (bookworm) | 2008
CVE-2008-5302 [LOW] perl - Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affect
debian
CVE-2007-4829 | MEDIUM | CVSS 6.8 | fixed in perl 5.10.0-19 (bookworm) | 2007
CVE-2007-4829 [MEDIUM] perl - Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences. Scope: local. bookworm: resolved (fixed in 5.10.0-19); bullseye: resolved (fixed in 5.10.0-19); forky: resolved (fixed in 5.10.0-19
debian
CVE-2007-5116 | MEDIUM | CVSS 7.5 | fixed in perl 5.8.8-12 (bookworm) | 2007
CVE-2007-5116 [HIGH] perl - Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. Scope: local. bookworm: resolved (fixed in 5.8.8-12); bullseye: resolved (fixed in 5.8.8-12); forky: resolved (fixed in 5.8.8-12); si
debian
CVE-2005-0155 | MEDIUM | CVSS 4.6 | PoC | fixed in perl 5.8.4-6 (bookworm) | 2005
CVE-2005-0155 [MEDIUM] perl - The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable. Scope: local. bookworm: resolved (fixed in 5.8.4-6); bullseye: resolved (fixed in 5.8.4-6); forky: resolved (fixed in 5.8.4-6); sid: resolved (fixed in 5.8.4-6); trixie: resolved (fixed in 5.8.4-6)
debian