Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-5377Activeperl vulnerability

4 documents4 sources
Severity
6.0MEDIUMNVD
EPSS
0.4%
top 39.73%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Activestate Activeperl
Timeline
PublishedOct 11
Latest updateMay 17

Description

Untrusted search path vulnerability in the installation functionality in ActivePerl 5.16.1.1601, when installed in the top-level C:\ directory, allows local users to gain privileges via a Trojan horse DLL in the C:\Perl\Site\bin directory, which is added to the PATH system environment variable, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Pre

CVSS vector

AV:L/AC:H/C:C/I:C/A:CExploitability: 1.5 | Impact: 10.0

Affected Packages1 packages

NVDactivestate/activeperl5.16.1.1601

🔴Vulnerability Details

2
GHSA
GHSA-64cp-j7mg-j33g: Untrusted search path vulnerability in the installation functionality in ActivePerl 52022-05-17
CVEList
CVE-2012-5377: Untrusted search path vulnerability in the installation functionality in ActivePerl 52012-10-11

💥Exploits & PoCs

1
Exploit-DB
IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) - Missing DLL (Metasploit)2013-09-06
CVE-2012-5377 — Activestate Activeperl vulnerability | cvebase