CVE-2004-2286

Published: Dec 31, 2004Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Integer overflow in the duplication operator in ActivePerl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large multiplier, which may trigger a buffer overflow.

Affected (20)

Products: Activestate: Activeperl · Larry Wall: Perl

1 product

1 product

Configuration A

20 vulnerable

Vulnerable Software	Affected Versions
Activestate Activeperl	Version 5.6.1.630
Activestate Activeperl	Version 5.6.1
Activestate Activeperl	Version 5.6.2
Activestate Activeperl	Version 5.6.3
Activestate Activeperl	Version 5.7.1
Activestate Activeperl	Version 5.7.2
Activestate Activeperl	Version 5.7.3
Activestate Activeperl	Version 5.8.1
Activestate Activeperl	Version 5.8.3
Activestate Activeperl	Version 5.8
Larry Wall Perl	Version 5.3
Larry Wall Perl	Version 5.4.5
Larry Wall Perl	Version 5.4
Larry Wall Perl	Version 5.5.3
Larry Wall Perl	Version 5.5
Larry Wall Perl	Version 5.6.1
Larry Wall Perl	Version 5.6
Larry Wall Perl	Version 5.8.0
Larry Wall Perl	Version 5.8.1
Larry Wall Perl	Version 5.8.3

References (6)

http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0878.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/10380

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/16224

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0878.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/10380

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/16224

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.