CVE-2004-2022
NONE EPSS 74.0%
Published Dec 31, 200421y ago · Modified Jun 16, 20262w ago
Published Dec 31, 2004 21y ago
Last Modified Jun 16, 2026 2w ago
Description
ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl.
Threat Intelligence
EPSS Exploit Probability
74.0% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Affected Products 8
| Vendor | Product | Version | Range |
|---|---|---|---|
| activestate | activeperl | 5.6.1 | any |
| activestate | activeperl | 5.6.1.630 | any |
| activestate | activeperl | 5.6.2 | any |
| activestate | activeperl | 5.6.3 | any |
| activestate | activeperl | 5.7.1 | any |
| activestate | activeperl | 5.7.2 | any |
| activestate | activeperl | 5.7.3 | any |
| activestate | activeperl | 5.8 | any |
References 9
- archives.neohapsis.com http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0905.html
- marc.info http://marc.info/?l=bugtraq&m=108489894009025&w=2
- marc.info http://marc.info/?l=full-disclosure&m=108482796105922&w=2
- marc.info http://marc.info/?l=full-disclosure&m=108483058514596&w=2
- marc.info http://marc.info/?l=full-disclosure&m=108489112131099&w=2
- oliverkarow.de http://www.oliverkarow.de/research/ActivePerlSystemBOF.txt
- perlmonks.org http://www.perlmonks.org/index.pl?node_id=354145
- securityfocus.com http://www.securityfocus.com/bid/10375
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/16169
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.