There is a buffer overflow in the stat() function (implemented as win32_stat) that can allow for arbitrarily-executed commands if a filename ends in a '\'. The fix will be available in 5.8.4. Patches are available on ActiveState's site, specifically at http://public.activestate.com/cgi-bin/perlbrowse?patch=22552.

You can view the text at http://www.idefense.com/application/poi/display?id=93&type=vulnerabilities

------
We are the carpenters and bricklayers of the Information Age.

Then there are Damian modules.... *sigh* ... that's not about being less-lazy -- that's about being on some really good drugs -- you know, there is no spoon. - flyingmoose