Oracle Solaris Third-Party Patch Update : perl-58 (cve_2012_5195_buffer_errors)
High Nessus Plugin ID 80734
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.
SolutionUpgrade to Solaris 220.127.116.11.0.