7.5

CVE-2016-2381

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PerlPerl Version < 5.23.9
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
OracleConfiguration Manager Version < 12.1.2.0.4
OracleConfiguration Manager Version12.1.2.0.6
OracleDatabase Server Version11.2.0.4
OracleDatabase Server Version12.1.0.2
OracleDatabase Server Version12.2.0.1
OracleDatabase Server Version18c
OracleDatabase Server Version19c
OracleTimesten In-memory Database Version < 18.1.2.1.0
OracleSolaris Version11.3
OpensuseOpensuse Version13.2
CanonicalUbuntu Linux Version12.04 SwEditionesm
CanonicalUbuntu Linux Version14.04 SwEditionesm
CanonicalUbuntu Linux Version15.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 9.01% 0.946
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
Third Party Advisory
http://www.ubuntu.com/usn/USN-2916-1
Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-03/msg00112.html
Third Party Advisory
Mailing List
https://security.gentoo.org/glsa/201701-75
Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html
Third Party Advisory
http://perl5.git.perl.org/perl.git/commitdiff/ae37b791a73a9e78dedb89fb2429d2628cf58076
Vendor Advisory
http://www.debian.org/security/2016/dsa-3501
Third Party Advisory
http://www.gossamer-threads.com/lists/perl/porters/326387
Third Party Advisory
http://www.securityfocus.com/bid/83802
Third Party Advisory
VDB Entry