Show filters
333 Total Results
Displaying 201-210 of 333
Sort by:
Attacker Value
Unknown
CVE-2009-2946
Disclosure Date: September 04, 2009 (last updated October 04, 2023)
Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages.
0
Attacker Value
Unknown
CVE-2009-1884
Disclosure Date: August 19, 2009 (last updated October 04, 2023)
Off-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a denial of service (application hang or crash) via a crafted bzip2 compressed stream that triggers a buffer overflow, a related issue to CVE-2009-1391.
0
Attacker Value
Unknown
CVE-2009-2565
Disclosure Date: July 21, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Perl CGI's By Mrs. Shiromuku shiromuku(fs6)DIARY 2.40 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown
CVE-2009-0667
Disclosure Date: July 09, 2009 (last updated October 04, 2023)
Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventory-Agent before 0.0.9.3, and 1.x before 1.0.1, in OCS Inventory allows local users to gain privileges via a Trojan horse Perl module in an arbitrary directory.
0
Attacker Value
Unknown
CVE-2009-1391
Disclosure Date: June 16, 2009 (last updated October 04, 2023)
Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009.
0
Attacker Value
Unknown
CVE-2009-1341
Disclosure Date: April 30, 2009 (last updated October 04, 2023)
Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA columns.
0
Attacker Value
Unknown
CVE-2009-0663
Disclosure Date: April 30, 2009 (last updated October 04, 2023)
Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module 1.49 for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pg_getline functions to read database rows.
0
Attacker Value
Unknown
CVE-2008-6724
Disclosure Date: April 17, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in index.pl in Perl Nopaste 1.0 allows remote attackers to inject arbitrary web script or HTML via the language parameter. NOTE: some of these details are obtained from third party information.
0
Attacker Value
Unknown
CVE-2009-0796
Disclosure Date: April 07, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
0
Attacker Value
Unknown
CVE-2009-0912
Disclosure Date: March 16, 2009 (last updated October 04, 2023)
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
0