CPANSA-ActivePerl-2004-0377: ActivePerl vulnerability

Publisher	giterlizzi	Document category	csaf_security_advisory
Initial release date	2004-05-04T00:00:00	Engine	CSAF Perl Toolkit 0.25
Current release date	2004-05-04T00:00:00	Build Date
Current version	1	Status	final
CVSS v3.1 Base Score		Severity
Original language		Language	en
Also referred to

Vulnerability Description

Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character.

Vulnerabilities

CVE-2004-0377

Vulnerability Description

Product status

giterlizzi

Namespace: https://github.com/giterlizzi/

gdt@cpan.org

References

CPANSA-ActivePerl-2004-0377 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2004/cpansa-activeperl-2004-0377.json
http://www.kb.cert.org/vuls/id/722414 external
http://www.kb.cert.org/vuls/id/722414
http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019794.html external
http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019794.html
http://public.activestate.com/cgi-bin/perlbrowse?patch=22552 external
http://public.activestate.com/cgi-bin/perlbrowse?patch=22552
http://www.idefense.com/application/poi/display?id=93&type=vulnerabilities external
http://www.idefense.com/application/poi/display?id=93&type=vulnerabilities
http://marc.info/?l=bugtraq&m=108118694327979&w=2 external
http://marc.info/?l=bugtraq&m=108118694327979&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/15732 external
https://exchange.xforce.ibmcloud.com/vulnerabilities/15732
CVE-2004-0377 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2004-0377

Revision history

Version	Date of the revision	Summary of the revision
1	Tue May 4 00:00:00 2004	First release

Sharing rules

TLP:WHITE
For the TLP version see: https://www.first.org/tlp/