Lucene search
+L

5 matches found

nvd
nvd
added 2017/09/28 1:29 a.m.23 views

CVE-2017-12814

Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable...

9.8CVSS9.9AI score0.06981EPSS
Exploits1References6
prion
prion
added 2017/09/28 1:29 a.m.20 views

Stack overflow

Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable...

7.5CVSS9.8AI score0.06981EPSS
Exploits1References6Affected Software1
hackerone
hackerone
added 2017/09/27 8:49 p.m.50 views

Internet Bug Bounty: Perl $ENV Key Stack Buffer Overflow

The CPerlHost::Add method in win32\perlhost.h is vulnerable to a stack buffer overflow. void CPerlHost::AddLPCSTR lpStr char szBuffer1024; LPSTR lpPtr; int index, length = strlenlpStr+1; forindex = 0; lpStrindex != '\0' && lpStrindex != '='; ++index szBufferindex = lpStrindex; szBufferindex = '\0...

7.5CVSS9.5AI score0.06981EPSS
Exploits1
cvelist
cvelist
added 2017/09/27 5:0 p.m.27 views

CVE-2017-12814

Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable...

9.8AI score0.06981EPSS
Exploits1References6
cve
cve
added 2017/09/27 5:0 p.m.75 views

CVE-2017-12814

CVE-2017-12814 affects Windows builds of Perl prior to 5.24.3-RC1 and 5.26.x prior to 5.26.1-RC1, due to a stack-based overflow in CPerlHost::Add (win32/perlhost.h). An overly large ENV key can overflow a fixed stack buffer, enabling arbitrary code execution. Public details confirm affected versi...

9.8CVSS9.7AI score0.06981EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder