CPANSA-ActivePerl-2001-0815: ActivePerl vulnerability

Publisher	giterlizzi	Document category	csaf_security_advisory
Initial release date	2001-12-06T00:00:00	Engine	CSAF Perl Toolkit 0.25
Current release date	2001-12-06T00:00:00	Build Date
Current version	1	Status	final
CVSS v3.1 Base Score		Severity
Original language		Language	en
Also referred to

Vulnerability Description

Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.

Vulnerabilities

CVE-2001-0815

Vulnerability Description

Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.

Product status

Known affected

Product

Score

ActivePerl less than or equal 5.6.1.629

CVSS Version	CVSS Vector	CVSS Base Score	CVSS Base Severity
2.0	AV:N/AC:L/Au:N/C:P/I:P/A:P	7.5	High

giterlizzi

Namespace: https://github.com/giterlizzi/

gdt@cpan.org

References

CPANSA-ActivePerl-2001-0815 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2001/cpansa-activeperl-2001-0815.json
http://bugs.activestate.com/show_bug.cgi?id=18062 external
http://bugs.activestate.com/show_bug.cgi?id=18062
http://www.securityfocus.com/bid/3526 external
http://www.securityfocus.com/bid/3526
http://www.osvdb.org/678 external
http://www.osvdb.org/678
http://marc.info/?l=bugtraq&m=100583978302585&w=2 external
http://marc.info/?l=bugtraq&m=100583978302585&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/7539 external
https://exchange.xforce.ibmcloud.com/vulnerabilities/7539
CVE-2001-0815 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2001-0815

Revision history

Version	Date of the revision	Summary of the revision
1	Thu Dec 6 00:00:00 2001	First release

Sharing rules

TLP:WHITE
For the TLP version see: https://www.first.org/tlp/