CVE-2007-5116
perl - arbitrary code execution
EPSS 8.8%
Description
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
How to fix CVE-2007-5116
To remediate CVE-2007-5116, upgrade the affected package to one of the fixed versions listed below.
- Debian/perl—upgrade to 5.8.8-12 or later
- Debian/perl—upgrade to 5.8.4-8sarge6 or later
- Debian/perl—upgrade to 5.8.8-11.1+lenny1 or later
Is CVE-2007-5116 being exploited?
Moderate — EPSS is 8.8%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (3)
- Debian/perl: from 0, < 5.8.8-12
- Debian/perl: from 0, < 5.8.4-8sarge6
- Debian/perl: from 0, < 5.8.8-11.1+lenny1