Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Integer overflow in the duplication operator in ActivePerl allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a large multiplier, which may trigger a buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
activestate activeperl 5.6.1
activestate activeperl 5.8.1
activestate activeperl 5.8.3
larry wall perl 5.6.1
activestate activeperl 5.6.1.630
activestate activeperl 5.6.2
larry wall perl 5.3
larry wall perl 5.4
larry wall perl 5.8.1
larry wall perl 5.8.3
larry wall perl 5.8.0
activestate activeperl 5.6.3
activestate activeperl 5.7.1
activestate activeperl 5.7.2
larry wall perl 5.4.5
larry wall perl 5.5
activestate activeperl 5.7.3
activestate activeperl 5.8
larry wall perl 5.5.3
larry wall perl 5.6

source: wwwsecurityfocuscom/bid/10380/info ActiveState Perl is reported to be prone to an integer overflow vulnerability It is revealed through testing that other implementations are also vulnerable The issue is reported to exist due to a lack of sufficient bounds checking that is performed on multiplier data that is passed to a Perl d ...

NVD-CWE-Other http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0878.html http://www.securityfocus.com/bid/10380 https://exchange.xforce.ibmcloud.com/vulnerabilities/16224 https://nvd.nist.gov https://www.exploit-db.com/exploits/24130/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-2286

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect