CyberSec.Space Logo
返回 CVE 浏览器

CVE-2006-2856

MEDIUM
4.6
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile14.63th
Published2006年6月6日
Last Modified2026年4月16日

Vulnerability Description

ActiveState ActivePerl 5.8.8.817 for Windows configures the site/lib directory with "Users" group permissions for changing files, which allows local users to gain privileges by creating a malicious sitecustomize.pl file in that directory. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Affected Platforms (CPE)

📦
Activestate

Activeperl

= 5.8.8.817

References & Advisories

🔗 http://secunia.com/advisories/20328
🔗 http://www.osvdb.org/25974
🔗 http://www.securityfocus.com/bid/18269
🔗 http://www.vupen.com/english/advisories/2006/2140
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/26915
🔗 http://secunia.com/advisories/20328
🔗 http://www.osvdb.org/25974
🔗 http://www.securityfocus.com/bid/18269

相关漏洞威胁

CVE-2004-037710.0

Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or...

CVE-2001-08157.5

Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code vi...

CVE-2004-22867.5

Integer overflow in the duplication operator in ActivePerl allows remote attackers to cause a denial of service (crash) and possib...

CVE-2012-53776.0

Untrusted search path vulnerability in the installation functionality in ActivePerl 5.16.1.1601, when installed in the top-level C...