CVE-2013-7488

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions perl-Convert-ASN1 versions 0.27 and earlier

Description The issue is related to the Convert::ASN1 module for Perl, which can lead to an infinite loop when encountering unexpected input. This can be exploited by a remote attacker to cause a denial of service.

Recommendations For versions 0.27 and earlier, update to a version later than 0.27 to resolve the issue. As a temporary workaround, consider restricting input to prevent unexpected data from being processed by the Convert::ASN1 module until a patch is available.

Exploit

Fix

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

ALSA-2024:3049

BDU:2023-01647

CESA-2024_3049

CVE-2013-7488

INFSA-2024_3049

MGASA-2021-0363

OPENSUSE-SU-2024:11159-1

RHSA-2024:3049

RHSA-2024_3049

RLSA-2024:3049

SUSE-SU-2021:0172-1

SUSE-SU-2021:0183-1

SUSE-SU-2021_0172-1

SUSE-SU-2021_0183-1

Affected Products

Almalinux

Astra Linux

Centos

Convert::Asn1

Red Hat

Rocky Linux

Suse

CVE-2013-7488

Weakness Enumeration

Related Identifiers

Affected Products

References · 49