virus logo FortiClient Vulnerability

ActiveState ActivePerl CVE-2012-5377 Vulnerability

description-logoDescription

Untrusted search path vulnerability in the installation functionality in ActivePerl 5.16.1.1601, when installed in the top-level C:\\ directory, allows local users to gain privileges via a Trojan horse DLL in the C:\\Perl\\Site\\bin directory, which is added to the PATH system environment variable, as demonstrated by a Trojan horse wlbsctrl.dll file used by the \"IKE and AuthIP IPsec Keying Modules\" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview.

affected-products-logoAffected Applications

ActivePerl

CVE References

CVE-2012-5377

Other References

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5377
ID 67163
Created Apr 09, 2021
Description
Updated		 Dec 13, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor ActiveState
Patch manual
Application ActivePerl