IBM · IBM AIX · CVE-2024-25021
**Name of the Vulnerable Software and Affected Versions**
IBM AIX version 7.3
VIOS version 4.1
**Description**
The issue allows a non-privileged local user to execute arbitrary commands due to a vulnerability in the Perl implementation. A remote attacker could bypass security restrictions by exploiting improper handling of property names in the `S_parse_uniprop_string` function in `regcomp.c`, using a specially crafted regular expression input to write to unallocated space.
**Recommendations**
For IBM AIX version 7.3, update the Perl implementation to prevent arbitrary command execution.
For VIOS version 4.1, update the Perl implementation to prevent arbitrary command execution.
As a temporary workaround, consider restricting access to the vulnerable Perl implementation until a patch is available.