CVE-2013-1667

First published: Mon Feb 18 2013(Updated: )

A denial of service flaw was found in the way Perl's rehashing code implementation (responsible for recalculation of hash keys and redistribution of hash content) used to react on certain user's input. If a Perl language based application accepted untrusted user input as hash keys, an attacker could use this flaw to cause the perl executable to consume excessive amount of memory (a denial of service via memory exhaustion). References: [1] <a href="http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html">http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html</a>

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Perl	=5.8.2
Perl	=5.8.3
Perl	=5.8.4
Perl	=5.8.5
Perl	=5.8.6
Perl	=5.8.7
Perl	=5.8.8
Perl	=5.8.9
Perl	=5.8.10
Perl	=5.10
Perl	=5.10.0
Perl	=5.10.0-rc1
Perl	=5.10.0-rc2
Perl	=5.10.1
Perl	=5.10.1-rc1
Perl	=5.10.1-rc2
Perl	=5.11.0
Perl	=5.11.1
Perl	=5.11.2
Perl	=5.11.3
Perl	=5.11.4
Perl	=5.11.5
Perl	=5.12.0
Perl	=5.12.0-rc0
Perl	=5.12.0-rc1
Perl	=5.12.0-rc2
Perl	=5.12.0-rc3
Perl	=5.12.0-rc4
Perl	=5.12.0-rc5
Perl	=5.12.1
Perl	=5.12.1-rc1
Perl	=5.12.1-rc2
Perl	=5.12.2
Perl	=5.12.2-rc1
Perl	=5.12.3
Perl	=5.12.3-rc1
Perl	=5.12.3-rc2
Perl	=5.12.3-rc3
Perl	=5.12.4
Perl	=5.13.0
Perl	=5.13.1
Perl	=5.13.2
Perl	=5.13.3
Perl	=5.13.4
Perl	=5.13.5
Perl	=5.13.6
Perl	=5.13.7
Perl	=5.13.8
Perl	=5.13.9
Perl	=5.13.10
Perl	=5.13.11
Perl	=5.14.0
Perl	=5.14.0-rc1
Perl	=5.14.0-rc2
Perl	=5.14.0-rc3
Perl	=5.14.1
Perl	=5.14.2
Perl	=5.14.3
Perl	=5.16.0
Perl	=5.16.1
Perl	=5.16.2

Never miss a vulnerability like this again

Reference Links

agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/author
agent/weakness
agent/references
agent/event
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2013-1667
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/perl
canonical/perl
version/perl/5.8.2
version/perl/5.8.3
version/perl/5.8.4
version/perl/5.8.5
version/perl/5.8.6
version/perl/5.8.7
version/perl/5.8.8
version/perl/5.8.9
version/perl/5.8.10
version/perl/5.10
version/perl/5.10.0
version/perl/5.10.0-rc1
version/perl/5.10.0-rc2
version/perl/5.10.1
version/perl/5.10.1-rc1
version/perl/5.10.1-rc2
version/perl/5.11.0
version/perl/5.11.1
version/perl/5.11.2
version/perl/5.11.3
version/perl/5.11.4
version/perl/5.11.5
version/perl/5.12.0
version/perl/5.12.0-rc0
version/perl/5.12.0-rc1
version/perl/5.12.0-rc2
version/perl/5.12.0-rc3
version/perl/5.12.0-rc4
version/perl/5.12.0-rc5
version/perl/5.12.1
version/perl/5.12.1-rc1
version/perl/5.12.1-rc2
version/perl/5.12.2
version/perl/5.12.2-rc1
version/perl/5.12.3
version/perl/5.12.3-rc1
version/perl/5.12.3-rc2
version/perl/5.12.3-rc3
version/perl/5.12.4
version/perl/5.13.0
version/perl/5.13.1
version/perl/5.13.2
version/perl/5.13.3
version/perl/5.13.4
version/perl/5.13.5
version/perl/5.13.6
version/perl/5.13.7
version/perl/5.13.8
version/perl/5.13.9
version/perl/5.13.10
version/perl/5.13.11
version/perl/5.14.0
version/perl/5.14.0-rc1
version/perl/5.14.0-rc2
version/perl/5.14.0-rc3
version/perl/5.14.1
version/perl/5.14.2
version/perl/5.14.3
version/perl/5.16.0
version/perl/5.16.1
version/perl/5.16.2

CVE-2013-1667

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact