{
   "document": {
      "category": "csaf_security_advisory",
      "csaf_version": "2.0",
      "distribution": {
         "tlp": {
            "label": "WHITE",
            "url": "https://www.first.org/tlp/"
         }
      },
      "lang": "en",
      "notes": [
         {
            "category": "description",
            "text": "Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character.",
            "title": "Vulnerability Description"
         }
      ],
      "publisher": {
         "category": "other",
         "contact_details": "gdt@cpan.org",
         "name": "giterlizzi",
         "namespace": "https://github.com/giterlizzi/"
      },
      "references": [
         {
            "category": "self",
            "summary": "CPANSA-ActivePerl-2004-0377 JSON",
            "url": "https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2004/cpansa-activeperl-2004-0377.json"
         },
         {
            "category": "external",
            "summary": "http://www.kb.cert.org/vuls/id/722414",
            "url": "http://www.kb.cert.org/vuls/id/722414"
         },
         {
            "category": "external",
            "summary": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019794.html",
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019794.html"
         },
         {
            "category": "external",
            "summary": "http://public.activestate.com/cgi-bin/perlbrowse?patch=22552",
            "url": "http://public.activestate.com/cgi-bin/perlbrowse?patch=22552"
         },
         {
            "category": "external",
            "summary": "http://www.idefense.com/application/poi/display?id=93&type=vulnerabilities",
            "url": "http://www.idefense.com/application/poi/display?id=93&type=vulnerabilities"
         },
         {
            "category": "external",
            "summary": "http://marc.info/?l=bugtraq&m=108118694327979&w=2",
            "url": "http://marc.info/?l=bugtraq&m=108118694327979&w=2"
         },
         {
            "category": "external",
            "summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15732",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15732"
         },
         {
            "category": "external",
            "summary": "CVE-2004-0377 (NVD)",
            "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0377"
         }
      ],
      "title": "ActivePerl vulnerability",
      "tracking": {
         "current_release_date": "2004-05-04T00:00:00",
         "generator": {
            "engine": {
               "name": "CSAF Perl Toolkit",
               "version": "0.26"
            }
         },
         "id": "CPANSA-ActivePerl-2004-0377",
         "initial_release_date": "2004-05-04T00:00:00",
         "revision_history": [
            {
               "date": "2004-05-04T00:00:00",
               "number": "1",
               "summary": "First release"
            }
         ],
         "status": "final",
         "version": "1"
      }
   },
   "vulnerabilities": [
      {
         "cve": "CVE-2004-0377",
         "notes": [
            {
               "category": "description",
               "text": "Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character.",
               "title": "Vulnerability Description"
            }
         ]
      }
   ]
}