CVE-2011-0761 Affecting perl package, versions <5.12.0-1


Severity

Recommended
low

Based on Debian security rating.

Threat Intelligence

EPSS
1.68% (89th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-DEBIAN11-PERL-527540
  • published13 May 2011
  • disclosed13 May 2011

Introduced: 13 May 2011

CVE-2011-0761  (opens in a new tab)

How to fix?

Upgrade Debian:11 perl to version 5.12.0-1 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) readdir, (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir function call.

CVSS Scores

version 3.1