Perl 5.22 Buffer Overflow Vulnerability

high Log Correlation Engine Plugin ID 802000


The specific version of Perl that this Apache server is running is vulnerable to a buffer overflow attack..


Perl contains an overflow condition in the VDir::MapPathA() function. The issue is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
Technical Information: Note: Programming language vulnerability. This code is used in a wide variety of software and the issue may manifest in a number of different ways. Depending on the implementation, it varies if this vulnerability requires local access or may be exploited remotely.


A patch has been released to address this issue. Apply the vendor's patch or update to a later version.

See Also

Plugin Details

Severity: High

ID: 802000

Family: Generic

Published: 6/2/2016

Risk Information


Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Patch Publication Date: 12/15/2016

Vulnerability Publication Date: 1/16/2016

Reference Information

CVE: CVE-2015-8608