CVE-2001-0815 - Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attacker

CVE-2001-0815

Summary

Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.

References

Vulnerable Configurations

cpe:2.3:a:activestate:activeperl:-:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:-:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:5.6.1:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:5.6.1:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:5.6.1.629:*:*:*:*:*:*:*
cpe:2.3:a:activestate:activeperl:5.6.1.629:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 10-10-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	3526
bugtraq	20011115 NSFOCUS SA2001-07 : ActivePerl PerlIS.dll Remote Buffer Overflow Vulnerability
confirm	http://bugs.activestate.com/show_bug.cgi?id=18062
osvdb	678
xf	activeperl-perlis-filename-bo(7539)

Last major update

10-10-2017 - 01:29

Published

06-12-2001 - 05:00

Last modified

10-10-2017 - 01:29