Show filters
333 Total Results
Displaying 161-170 of 333
Sort by:
Attacker Value
Unknown

CVE-2013-1667

Disclosure Date: March 14, 2013 (last updated October 05, 2023)
The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.
0
Attacker Value
Unknown

CVE-2013-0209

Disclosure Date: January 23, 2013 (last updated October 05, 2023)
lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for requests to database-migration functions, which allows remote attackers to conduct eval injection and SQL injection attacks via crafted parameters, as demonstrated by an eval injection attack against the core_drop_meta_for_table function, leading to execution of arbitrary Perl code.
0
Attacker Value
Unknown

CVE-2012-6329

Disclosure Date: January 04, 2013 (last updated October 05, 2023)
The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6.
0
Attacker Value
Unknown

CVE-2012-5932

Disclosure Date: December 24, 2012 (last updated October 05, 2023)
Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request.
0
Attacker Value
Unknown

CVE-2011-2728

Disclosure Date: December 21, 2012 (last updated October 05, 2023)
The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference.
0
Attacker Value
Unknown

CVE-2012-5195

Disclosure Date: December 18, 2012 (last updated October 05, 2023)
Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.
0
Attacker Value
Unknown

CVE-2009-2899

Disclosure Date: December 05, 2012 (last updated October 05, 2023)
The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments.
0
Attacker Value
Unknown

CVE-2012-5526

Disclosure Date: November 21, 2012 (last updated October 05, 2023)
CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm.
0
Attacker Value
Unknown

CVE-2012-5377

Disclosure Date: October 11, 2012 (last updated October 05, 2023)
Untrusted search path vulnerability in the installation functionality in ActivePerl 5.16.1.1601, when installed in the top-level C:\ directory, allows local users to gain privileges via a Trojan horse DLL in the C:\Perl\Site\bin directory, which is added to the PATH system environment variable, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview.
0
Attacker Value
Unknown

CVE-2011-4363

Disclosure Date: October 07, 2012 (last updated October 05, 2023)
ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS.
0