CVE-2011-0761

Description

Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) readdir, (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir function call.

How to fix CVE-2011-0761

To remediate CVE-2011-0761, upgrade the affected package to a fixed version below.

• Debian/perl—upgrade to 5.12.0-1 or later

Is CVE-2011-0761 being exploited?

Low — EPSS is 3.4%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 5.12.0-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2011-0761