CVE-2014-0477 in Email::Address
Résumé (Anglaise)
The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via an empty quoted string in an RFC 2822 address.
Réserver
19/12/2013
Divulgation
03/07/2014
Entrées
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnérabilité | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 70267 | Email::Address élévation de privilèges | 185 | Non défini | Correctif officiel | CVE-2014-0477 |