Bug#628817: perl NULL pointer dereference
Thijs Kinkhorst
thijs at debian.org
Wed Jun 1 15:52:17 UTC 2011
Package: perl
Severity: serious
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for perl.
CVE-2011-0761[0]:
| Perl 5.10.x allows context-dependent attackers to cause a denial of
| service (NULL pointer dereference and application crash) by leveraging
| an ability to inject arguments into a (1) getpeername, (2) readdir,
| (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir
| function call.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0761
http://security-tracker.debian.org/tracker/CVE-2011-0761
More information about the Perl-maintainers
mailing list