CVE-2010-4777

Publication date 10 February 2014

Last updated 24 July 2024

Ubuntu priority

The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
perl	11.10 oneiric	Ignored
	11.04 natty	Ignored
	10.10 maverick	Ignored
	10.04 LTS lucid	Ignored
	8.04 LTS hardy	Ignored

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

per Debian, perl-debug only

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2010-4777