CVE-2014-1474

Publication date 15 July 2014

Last updated 24 July 2024

Ubuntu priority

Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service (CPU consumption) via a string without an address.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libemail-address-list-perl	14.04 LTS trusty	Not in release
	12.04 LTS precise	Not in release
	10.04 LTS lucid	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

http://lists.bestpractical.com/pipermail/rt-announce/2014-January/000245.html
https://metacpan.org/changes/release/ALEXMV/Email-Address-List-0.02
http://lists.bestpractical.com/pipermail/rt-announce/2014-June/000257.html
http://blog.bestpractical.com/2014/01/security-vulnerability-in-rt-42.html
https://www.cve.org/CVERecord?id=CVE-2014-1474