Perl 5.22 Buffer Overflow Vulnerability

High Log Correlation Engine Plugin ID 802000


The specific version of Perl that this Apache server is running is vulnerable to a buffer overflow attack..


Perl contains an overflow condition in the VDir::MapPathA() function. The issue is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
Technical Information: Note: Programming language vulnerability. This code is used in a wide variety of software and the issue may manifest in a number of different ways. Depending on the implementation, it varies if this vulnerability requires local access or may be exploited remotely.


A patch has been released to address this issue. Apply the vendor's patch or update to a later version.

See Also

Plugin Details

Severity: High

ID: 802000

Family: Generic

Published: 2016/06/02

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2016/12/15

Vulnerability Publication Date: 2016/01/16

Reference Information

CVE: CVE-2015-8608