Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-14393

Опубликовано: 01 авг. 2019
Источник: redhat
CVSS3: 7.1
EPSS Низкий

Описание

A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.

A buffer overflow was found in perl-DBI before version 1.643 in DBI.xs. This flaw allows a local attacker who can supply a string longer than 300 characters to cause an out-of-bounds write. The highest threat from this vulnerability is to integrity and system availability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5perl-DBIOut of support scope
Red Hat Enterprise Linux 6perl-DBIOut of support scope
Red Hat Enterprise Linux 7perl-DBIFix deferred
Red Hat Enterprise Linux 8perl-DBIFix deferred
Red Hat Software Collectionsrh-perl526-perl-DBIFix deferred
Red Hat Software Collectionsrh-perl530-perl-DBIFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-121->CWE-787
https://bugzilla.redhat.com/show_bug.cgi?id=1877409perl-dbi: Buffer overflow on an overlong DBD class name

EPSS

Процентиль: 32%
0.00123
Низкий

7.1 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-14393

CVSS3: 7.1
ubuntu
больше 5 лет назад

A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.

nvd логотип

CVE-2020-14393

CVSS3: 7.1
nvd
больше 5 лет назад

A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.

debian логотип

CVE-2020-14393

CVSS3: 7.1
debian
больше 5 лет назад

A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local att ...

github логотип

GHSA-g7gr-3q49-q5r9

CVSS3: 7.1
github
больше 3 лет назад

A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.

fstec логотип

BDU:2021-03728

CVSS3: 7.1
fstec
больше 5 лет назад

Уязвимость компонента DBI интерпретатора языка программирования Perl, связанная с записью за границами буфера, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании

EPSS

Процентиль: 32%
0.00123
Низкий

7.1 High

CVSS3