6 matches found
CVE-2015-1416
Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file...
CVE-2015-1416
The CVE-2015-1416 issue affects the patch utilities used on FreeBSD and related systems. Specifically, the patch tool (patch(1)) in FreeBSD versions 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; as well as Bitrig, and GNU patch before 2.2.5, may execute...
Perl Unicode规则表达式缓冲区溢出漏洞
Perl是一款功能强大的编程语言。 Perl的规则表达式引擎存在一个缺陷,远程攻击者可以利用漏洞以Perl进程权限执行任意指令。 在处理Unicode规则表达式时存在一个缓冲区溢出,攻击者构建特殊的输入到规则表达式,可导致Perl不正确分配内存,导致以运行Perl进程的用户进程权限执行任意指令。 RedHat Enterprise Linux Desktop v.5 client RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux v. 5 server RedHat...
CVE-2004-0377
Buffer overflow in the win32stat function for 1 ActiveState's ActivePerl and 2 Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character...
CVE-2004-0377
CVE-2004-0377: A buffer overflow in the win32_stat wrapper used by ActivePerl (ActiveState) and Larry Wall’s Perl up to 5.8.3 allows local or remote code execution when a filename ends with a backslash. Exploitation depends on how the vulnerable Perl is used by an application; Windows environment...
CVE-2004-0377
Buffer overflow in the win32stat function for 1 ActiveState's ActivePerl and 2 Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character...