Search for vulnerabilities
Vulnerability details: VCID-rqhs-ue3x-aaag
Vulnerability ID VCID-rqhs-ue3x-aaag
Aliases CVE-2008-1927
Summary Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-399 Resource Management Errors
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2008:0522
rhas Important https://access.redhat.com/errata/RHSA-2008:0532
rhas Moderate https://access.redhat.com/errata/RHSA-2010:0602
epss 0.01455 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.01455 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.01455 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.01455 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.01455 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.01455 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.01455 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.01455 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.01455 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.02039 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.02039 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.02039 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.02039 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.02039 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.02039 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.02039 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.03956 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
epss 0.12458 https://api.first.org/data/v1/epss?cve=CVE-2008-1927
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=443928
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2008-1927
Reference id Reference type URL
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://osvdb.org/44588
http://rt.perl.org/rt3/Public/Bug/Display.html?id=48156
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1927.json
https://api.first.org/data/v1/epss?cve=CVE-2008-1927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927
http://secunia.com/advisories/29948
http://secunia.com/advisories/30025
http://secunia.com/advisories/30326
http://secunia.com/advisories/30624
http://secunia.com/advisories/31208
http://secunia.com/advisories/31328
http://secunia.com/advisories/31467
http://secunia.com/advisories/31604
http://secunia.com/advisories/31687
http://secunia.com/advisories/33314
http://secunia.com/advisories/33937
https://exchange.xforce.ibmcloud.com/vulnerabilities/41996
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10579
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2008-317.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-361.htm
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00601.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00607.html
http://wiki.rpath.com/Advisories:rPSA-2009-0011
http://www.debian.org/security/2008/dsa-1556
http://www.gentoo.org/security/en/glsa/glsa-200805-17.xml
http://www.ipcop.org/index.php?name=News&file=article&sid=41
http://www.mandriva.com/security/advisories?name=MDVSA-2008:100
http://www.redhat.com/support/errata/RHSA-2008-0522.html
http://www.redhat.com/support/errata/RHSA-2008-0532.html
http://www.securityfocus.com/archive/1/500210/100/0/threaded
http://www.securityfocus.com/bid/28928
http://www.securitytracker.com/id?1020253
http://www.ubuntu.com/usn/usn-700-1
http://www.ubuntu.com/usn/usn-700-2
http://www.vmware.com/security/advisories/VMSA-2008-0013.html
http://www.vupen.com/english/advisories/2008/2265/references
http://www.vupen.com/english/advisories/2008/2361
http://www.vupen.com/english/advisories/2008/2424
http://www.vupen.com/english/advisories/2009/0422
443928 https://bugzilla.redhat.com/show_bug.cgi?id=443928
454792 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792
cpe:2.3:a:perl:perl:5.8.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:perl:perl:5.8.8:*:*:*:*:*:*:*
CVE-2008-1927 https://nvd.nist.gov/vuln/detail/CVE-2008-1927
GLSA-200805-17 https://security.gentoo.org/glsa/200805-17
RHSA-2008:0522 https://access.redhat.com/errata/RHSA-2008:0522
RHSA-2008:0532 https://access.redhat.com/errata/RHSA-2008:0532
RHSA-2010:0602 https://access.redhat.com/errata/RHSA-2010:0602
USN-700-1 https://usn.ubuntu.com/700-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2008-1927
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.87085
EPSS Score 0.01455
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.