Skip to main content

Access of Uninitialized Pointer

CVE-2011-2728

Severity Medium
Score 4.3/10

Summary

The "bsd_glob" function in the File::Glob module for Perl through 5.12.4 and 5.13.0 through 5.14.1 allows context-dependent attackers to cause a Denial of Service (crash) via a glob expression with the "GLOB_ALTDIRFUNC" flag, which triggers an uninitialized pointer dereference.

  • MEDIUM
  • NETWORK
  • NONE
  • NONE
  • NONE
  • PARTIAL

CWE-824 - Access of Uninitialized Pointer

The program accesses or uses a pointer that has not been initialized.

Advisory Timeline

  • Published