VDB
CVE-2009-3626
CVE-2009-3626
PUBLISHED
CVSS 5 MEDIUM
Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match.
EPSS 1.30% · 80.1th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
1.30%
80.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| perl | perl | 5.10.1 |
Timeline
- Oct 29, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 9, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- ADV-2009-3023 vdb
- [oss-security] 20091023 CVE-2009-3626 assigment notification - Perl - perl-5.10.1 mailing-list
- 59283 vdb
- perl-utf8-expressions-dos(53939) vdb
- http://rt.perl.org/rt3/Ticket/Attachment/617489/295383/ url
- https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6225 url
- http://rt.perl.org/rt3/Public/Bug/Display.html?id=69973 url
- 37144 third-party-advisory
- http://perl5.git.perl.org/perl.git/commit/0abd0d78a73da1c4d13b1c700526b7e5d03b32d4 url
- 36812 vdb
- 1023077 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2009-3626 advisory
- http://rt.perl.org/rt3/Ticket/Attachment/617489/295383 url