Vulnerabilities > CVE-2004-2022 - Unspecified vulnerability in Activestate Activeperl

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

activestate

exploit available

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl.

Vulnerable Configurations

Part	Description	Count
Application	Activestate Activestate Activeperl 5.7.2 Activestate Activeperl 5.6.2 Activestate Activeperl 5.6.3 Activestate Activeperl 5.6.1 Activestate Activeperl 5.7.1 Activestate Activeperl 5.7.3 Activestate Activeperl 5.8 Activestate Activeperl 5.6.1.630	8

Exploit-Db

description	ActivePerl 5.x,Cygwin 1.5.x System Function Call Buffer Overflow Vulnerability. CVE-2004-2022. Dos exploit for windows platform
id	EDB-ID:24128
last seen	2016-02-02
modified	2004-05-18
published	2004-05-18
reporter	Oliver Karow
source	https://www.exploit-db.com/download/24128/
title	ActivePerl 5.x / Cygwin 1.5.x - System Function Call Buffer Overflow Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References