Vulnerabilities > CVE-2006-2856 - Unspecified vulnerability in Activestate Activeperl 5.8.8.817
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
ActiveState ActivePerl 5.8.8.817 for Windows configures the site/lib directory with "Users" group permissions for changing files, which allows local users to gain privileges by creating a malicious sitecustomize.pl file in that directory. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://secunia.com/advisories/20328
- http://secunia.com/advisories/20328
- http://www.osvdb.org/25974
- http://www.osvdb.org/25974
- http://www.securityfocus.com/bid/18269
- http://www.securityfocus.com/bid/18269
- http://www.vupen.com/english/advisories/2006/2140
- http://www.vupen.com/english/advisories/2006/2140
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26915
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26915