3 results (0.001 seconds)

CVSS: 7.5EPSS: 2%CPEs: 20EXPL: 2

Integer overflow in the duplication operator in ActivePerl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large multiplier, which may trigger a buffer overflow. • https://www.exploit-db.com/exploits/24130 http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0878.html http://www.securityfocus.com/bid/10380 https://exchange.xforce.ibmcloud.com/vulnerabilities/16224 •

CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 4

ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl. • https://www.exploit-db.com/exploits/24128 http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0905.html http://marc.info/?l=bugtraq&m=108489894009025&w=2 http://marc.info/?l=full-disclosure&m=108482796105922&w=2 http://marc.info/?l=full-disclosure&m=108483058514596&w=2 http://marc.info/?l=full-disclosure&m=108489112131099&w=2 http://www.oliverkarow.de/research/ActivePerlSystemBOF.txt http://www.perlmonks.org/index.pl? •

CVSS: 7.5EPSS: 47%CPEs: 1EXPL: 5

Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension. • https://www.exploit-db.com/exploits/21152 https://www.exploit-db.com/exploits/21154 https://www.exploit-db.com/exploits/21153 http://bugs.activestate.com/show_bug.cgi?id=18062 http://marc.info/?l=bugtraq&m=100583978302585&w=2 http://www.osvdb.org/678 http://www.securityfocus.com/bid/3526 https://exchange.xforce.ibmcloud.com/vulnerabilities/7539 •