CVE-2004-0377

Опубликовано: 04 мая 2004

Источник: nvd

CVSS2: 10

EPSS Средний

Описание

Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character.

Ссылки

http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019794.html
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=108118694327979&w=2
http://public.activestate.com/cgi-bin/perlbrowse?patch=22552
http://www.idefense.com/application/poi/display?id=93&type=vulnerabilities
http://www.kb.cert.org/vuls/id/722414
Patch
Third Party Advisory
US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/15732
http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019794.html
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=108118694327979&w=2
http://public.activestate.com/cgi-bin/perlbrowse?patch=22552
http://www.idefense.com/application/poi/display?id=93&type=vulnerabilities
http://www.kb.cert.org/vuls/id/722414
Patch
Third Party Advisory
US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/15732

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:activestate:activeperl:*:*:*:*:*:*:*:*

cpe:2.3:a:larry_wall:perl:*:*:*:*:*:*:*:*

Версия до 5.8.3 (включая)

EPSS

Процентиль: 94%

0.14668

Средний

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2004-0377

debian

почти 22 года назад

Buffer overflow in the win32_stat function for (1) ActiveState's Activ ...

GHSA-rm2p-jhqp-33q2

github

почти 4 года назад