Summary
A flaw was found in Perl that may allow a heap buffer overflow, which can lead to denial of service and potential arbitrary code execution on platforms that lack sufficient defenses via specially crafted input to the tr/// transliteration operator containing non-ASCII bytes on the left-hand side
Products Potentially Affected
OS/Product
|
Exposure
|
ExtremeAnalytics for Site Engine
|
Yes
|
ExtremeCloud IQ - Site Engine (XIQ-SE)
|
Yes
|
ExtremeControl for Site Engine
|
Yes
|
Repair Recommendations
ExtremeAnalytics for Site Engine:
- Fixed in 25.5.10 or later.
ExtremeCloud IQ - Site Engine (XIQ-SE):
- Fixed in 25.5.10 or later.
ExtremeControl for Site Engine:
- Fixed in 25.5.10 or later.
Please see the full security advisory article here for more details and future updates.