Lucene search

Kaspersky LabKLA10053

HistoryDec 31, 2004 - 12:00 a.m.

KLA10053 DoS vulnerability in ActivePerl

2004-12-3100:00:00

Kaspersky Lab

threats.kaspersky.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.6%

JSON

Detect date:

12/31/2004

Severity:

Critical

Description:

An integer overflow vulnerability was found in ActivePerl. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited at a point related to the duplication operator via a large multiplier.

Affected products:

Activestate ActivePerl 5 versions 5.8.3 and earlier

Solution:

Update to latest version

Original advisories:

vulnerability description

Impacts:

ACE

Related products:

ActivePerl

CVE-IDS:

CVE-2004-22867.5Critical

References

www.cvedetails.com/cve/CVE-2004-2286/

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2286

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/ActivePerl/

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.6%

JSON

Related for KLA10053

cve1