Algorithmic Complexity Vulnerability in Email::Address::List by Best Practical
CVE-2014-1474

Currently unrated

Key Information:

Vendor: Bestpractical
Status: Rt; \
Vendor: CVE Published:; 15 July 2014

🔔 Create Bestpractical Vulnerability Alert

What is CVE-2014-1474?

An algorithmic complexity vulnerability exists in the Email::Address::List module prior to version 0.02, as utilized in RT versions 4.2.0 through 4.2.2. This flaw allows remote attackers to craft specific strings devoid of address formatting, which can lead to excessive CPU consumption and denial of service conditions. Administrators are advised to upgrade to the latest versions to mitigate potential risks.

References

http://blog.bestpractical.com/2014/01/security-vulnerabil...

x_refsource_CONFIRM

https://metacpan.org/changes/release/ALEXMV/Email-Address...

x_refsource_CONFIRM

http://lists.bestpractical.com/pipermail/rt-announce/2014...

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2014
Vulnerability Reserved
Jan 16, 2014

CVE-2014-1474 Data

JSON