CVE-2012-5195

Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.

Published: Dec 18, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-5195
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
perl / perl	5.14.1	5.14.1.x
perl / perl	5.12.0-rc1	5.12.0-rc1.x
perl / perl	5.12.0-rc4	5.12.0-rc4.x
perl / perl	5.12.4	5.12.4.x
perl / perl	5.12.0-rc3	5.12.0-rc3.x
perl / perl	5.12.1-rc1	5.12.1-rc1.x
perl / perl	5.14.0-rc2	5.14.0-rc2.x
perl / perl	5.12.3-rc3	5.12.3-rc3.x
perl / perl	5.12.3	5.12.3.x
perl / perl	5.12.1-rc2	5.12.1-rc2.x
perl / perl	5.12.0-rc2	5.12.0-rc2.x
perl / perl	5.14.0	5.14.0.x
perl / perl	5.12.0	5.12.0.x
perl / perl	5.12.3-rc1	5.12.3-rc1.x
perl / perl	5.12.2	5.12.2.x
perl / perl	5.14.0-rc1	5.14.0-rc1.x
perl / perl	5.14.0-rc3	5.14.0-rc3.x
perl / perl	5.14.2	5.14.2.x
perl / perl	5.12.3-rc2	5.12.3-rc2.x
perl / perl	5.12.2-rc1	5.12.2-rc1.x
perl / perl	5.12.0-rc0	5.12.0-rc0.x
perl / perl	5.12.0-rc5	5.12.0-rc5.x
perl / perl	5.12.1	5.12.1.x

Vulnerability Database

289,599

CVE-2012-5195