2.1 CVE-2004-2022

Exploit
 

ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl.
https://nvd.nist.gov/vuln/detail/CVE-2004-2022

Categories

CWE-NVD-Other

References


 

CPE

cpe start end
Configuration 1
cpe:2.3:a:activestate:activeperl:5.6.1:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:5.6.1.630:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:5.6.2:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:5.6.3:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:5.7.1:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:5.7.2:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:5.7.3:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:5.8:*:*:*:*:*:*:*


REMEDIATION




EXPLOITS


Exploit-db.com

id description date
24128 ActivePerl 5.x / Cygwin 1.5.x - System Function Call Buffer Overflow 2004-05-18 00:00:00

Other (github, ...)

Url
10375
http://www.oliverkarow.de/research/ActivePerlSystemBOF.txt
http://www.perlmonks.org/index.pl?node_id=354145


CAPEC


Common Attack Pattern Enumerations and Classifications

id description severity
No entry


MITRE