Executive Summary

Informations
NameCVE-2017-12814First vendor Publication2017-09-27
VendorCveLast vendor Modification2018-04-27

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12814

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application378
Os1

Nessus® Vulnerability Scanner

DateDescription
2017-09-25Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d9e82328a12911e7987e4f174049b30a.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/101051
CONFIRM https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1
https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1
https://rt.perl.org/Public/Bug/Display.html?id=131665
https://security.netapp.com/advisory/ntap-20180426-0001/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2018-04-28 09:19:27
  • Multiple Updates
2017-10-07 00:22:47
  • Multiple Updates
2017-09-30 09:23:38
  • Multiple Updates
2017-09-28 09:23:02
  • First insertion