CVE-2004-0377
NONE EPSS 93.3%
Published May 4, 200422y ago · Modified Jun 16, 20262w ago
Published May 4, 2004 22y ago
Last Modified Jun 16, 2026 2w ago
Description
Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character.
Threat Intelligence
EPSS Exploit Probability
93.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 2
| Vendor | Product | Version | Range |
|---|---|---|---|
| activestate | activeperl | * | any |
| larry_wall | perl | * | ≤5.8.3 |
References 6
- lists.grok.org.uk http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019794.html
- marc.info http://marc.info/?l=bugtraq&m=108118694327979&w=2
- public.activestate.com http://public.activestate.com/cgi-bin/perlbrowse?patch=22552
- idefense.com http://www.idefense.com/application/poi/display?id=93&type=vulnerabilities
- kb.cert.org http://www.kb.cert.org/vuls/id/722414
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/15732
Remediation
- lists.grok.org.uk http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019794.html
- kb.cert.org http://www.kb.cert.org/vuls/id/722414