Vulnerabilities > CVE-2005-4261 - Perl Security vulnerability in Positive Software Corporation CP+

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

positive-software

NVD

Published: 2005-12-15

Updated: 2016-10-15

Summary

Unspecified vulnerability in Positive Software Corporation CP+ (cpplus) before 2.5.5 allows attackers to have unknown impact and attack vectors, related to "a possible security flaw caused by a bug in Perl." NOTE: unless CP+ includes its own copy of Perl with CVE-2005-3962, this is a different vulnerability than CVE-2005-3962; however, there is insufficient information to be sure.

Vulnerable Configurations

Part	Description	Count
Application	Positive_Software Positive Software Cp+ 2.5 Positive Software Cp+ 2.5.1 Positive Software Cp+ 2.5.2 Positive Software Cp+ 2.5.3 Positive Software Cp+ 2.5.4 Positive Software Cp+ 2.5.5	6

References

http://cpplus.info/feature_25.html
http://secunia.com/advisories/17975
http://secunia.com/advisories/18005
http://www.securityfocus.com/bid/15799
http://www.trustix.org/errata/2005/0068/
http://www.vupen.com/english/advisories/2005/2828