CVE-2007-5116

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=323571", "tags": [], "refsource": "MISC"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207", "name": "MDKSA-2007:207", "tags": ["Patch"], "refsource": "MANDRIVA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html", "name": "RHSA-2007:0966", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html", "name": "RHSA-2007:1011", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.securityfocus.com/bid/26350", "name": "26350", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/27531", "name": "27531", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/27546", "name": "27546", "tags": [], "refsource": "SECUNIA"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=378131", "tags": [], "refsource": "MISC"}, {"url": "https://issues.rpath.com/browse/RPL-1813", "name": "https://issues.rpath.com/browse/RPL-1813", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.debian.org/security/2007/dsa-1400", "name": "DSA-1400", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml", "name": "GLSA-200711-28", "tags": [], "refsource": "GENTOO"}, {"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html", "name": "OpenPKG-SA-2007.023", "tags": [], "refsource": "OPENPKG"}, {"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html", "name": "SUSE-SR:2007:024", "tags": [], "refsource": "SUSE"}, {"url": "http://www.ubuntu.com/usn/usn-552-1", "name": "USN-552-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://securitytracker.com/id?1018899", "name": "1018899", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/27479", "name": "27479", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/27515", "name": "27515", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/27548", "name": "27548", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/27613", "name": "27613", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/27570", "name": "27570", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/27936", "name": "27936", "tags": [], "refsource": "SECUNIA"}, {"url": "http://docs.info.apple.com/article.html?artnum=307179", "name": "http://docs.info.apple.com/article.html?artnum=307179", "tags": [], "refsource": "CONFIRM"}, {"url": "ftp://aix.software.ibm.com/aix/efixes/security/README", "name": "ftp://aix.software.ibm.com/aix/efixes/security/README", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220", "name": "IZ10220", "tags": [], "refsource": "AIXAPAR"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244", "name": "IZ10244", "tags": [], "refsource": "AIXAPAR"}, {"url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html", "name": "APPLE-SA-2007-12-17", "tags": [], "refsource": "APPLE"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html", "name": "TA07-352A", "tags": ["US Government Resource"], "refsource": "CERT"}, {"url": "http://secunia.com/advisories/28167", "name": "28167", "tags": [], "refsource": "SECUNIA"}, {"url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html", "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", "tags": [], "refsource": "MLIST"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm", "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/28368", "name": "28368", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/28387", "name": "28387", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/27756", "name": "27756", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html", "name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1", "name": "31524", "tags": [], "refsource": "SUNALERT"}, {"url": "http://secunia.com/advisories/28993", "name": "28993", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/29074", "name": "29074", "tags": [], "refsource": "SECUNIA"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1", "name": "231524", "tags": [], "refsource": "SUNALERT"}, {"url": "http://secunia.com/advisories/31208", "name": "31208", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.ipcop.org/index.php?name=News&file=article&sid=41", "name": "http://www.ipcop.org/index.php?name=News&file=article&sid=41", "tags": [], "refsource": "CONFIRM"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1", "name": "1018985", "tags": [], "refsource": "SUNALERT"}, {"url": "http://www.vupen.com/english/advisories/2007/4238", "name": "ADV-2007-4238", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2008/0064", "name": "ADV-2008-0064", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2008/0641", "name": "ADV-2008-0641", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2007/3724", "name": "ADV-2007-3724", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2007/4255", "name": "ADV-2007-4255", "tags": [], "refsource": "VUPEN"}, {"url": "http://marc.info/?l=bugtraq&m=120352263023774&w=2", "name": "HPSBTU02311", "tags": [], "refsource": "HP"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270", "name": "perl-unicode-bo(38270)", "tags": [], "refsource": "XF"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669", "name": "oval:org.mitre.oval:def:10669", "tags": [], "refsource": "OVAL"}, {"url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded", "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded", "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded", "name": "20071112 FLEA-2007-0069-1 perl", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded", "name": "20071110 FLEA-2007-0063-1 perl", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-5116", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2007-11-07T23:46Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:s390:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:1.0:*:application_stack:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:larry_wall:perl:5.8.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-15T21:40Z"}