Description

The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.

Remediation

References

CVE-2015-8608

Related Vulnerabilities

WordPress Plugin HD Webplayer Multiple SQL Injection Vulnerabilities (1.1)

WordPress Plugin Seriously Simple Podcasting Cross-Site Request Forgery (2.16.0)

Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46606)

phpMyFAQ Improper Access Control Vulnerability (CVE-2023-2429)

Drupal Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2017-6381)

Severity

Critical

Classification

CVE-2015-8608 CWE-125 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities