PT-2012-5959 · Microsoft+1 · Windows+1

Published 2012-10-11 · Updated 2013-03-02 · CVE-2012-5377

CVSS v2.0: 6.0 (Medium)

Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

ActivePerl version 5.16.1.1601

Description

The issue is an untrusted search path vulnerability in the installation functionality. It allows local users to gain privileges via a Trojan horse DLL in the C:\Perl\Site\bin directory, which is added to the PATH system environment variable. A demonstration of this vulnerability involves a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in various Windows operating systems.

Recommendations

For ActivePerl version 5.16.1.1601, consider removing the C:\Perl\Site\bin directory from the PATH system environment variable to minimize the risk of exploitation. As a temporary workaround, restrict access to the C:\Perl\Site\bin directory until a patch is available.
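
An added example (not part of the original advisory or of ActivePerl): a PowerShell audit for the condition described above. It goes beyond the single directory and lists every machine-wide PATH directory on which a principal other than SYSTEM, Administrators or TrustedInstaller holds file-creation rights; the function name Get-WritablePathEntry and the C:\Perl install root are assumptions.

```powershell
# Added example: audit the machine-wide PATH for directories that
# non-administrative principals can create files in.
# Assumption: ActivePerl is installed under C:\Perl.

# Principals expected to have write access (well-known SIDs).
$trustedSids = @(
    'S-1-5-18',       # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# WriteData/CreateFiles (0x2), AppendData/CreateDirectories (0x4),
# plus GENERIC_ALL and GENERIC_WRITE, which some ACEs carry unmapped.
$writeMask = 0x2 -bor 0x4 -bor 0x10000000 -bor 0x40000000

function Get-WritablePathEntry {
    param([Parameter(Mandatory)][string[]]$Directories)
    $sidType = [System.Security.Principal.SecurityIdentifier]
    foreach ($dir in $Directories) {
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) { continue }
        $acl = Get-Acl -LiteralPath $dir
        foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
            if ($rule.AccessControlType -ne 'Allow') { continue }
            # Inherit-only ACEs apply to children, not to the directory itself.
            if ($rule.PropagationFlags -band
                [System.Security.AccessControl.PropagationFlags]::InheritOnly) { continue }
            if ($trustedSids -contains $rule.IdentityReference.Value) { continue }
            if (([int]$rule.FileSystemRights -band $writeMask) -eq 0) { continue }
            # Resolve the SID to a name where possible; keep the SID otherwise.
            try   { $name = $rule.IdentityReference.Translate(
                        [System.Security.Principal.NTAccount]).Value }
            catch { $name = $rule.IdentityReference.Value }
            [pscustomobject]@{
                Directory = $dir
                Principal = $name
                Rights    = $rule.FileSystemRights
                Inherited = $rule.IsInherited
            }
        }
    }
}

$machinePath = [Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';' |
    ForEach-Object { [Environment]::ExpandEnvironmentVariables($_.Trim()).TrimEnd('\') } |
    Where-Object { $_ }

if ($machinePath -contains 'C:\Perl\Site\bin') {
    Write-Warning 'C:\Perl\Site\bin is present in the machine-wide PATH.'
}
Get-WritablePathEntry -Directories $machinePath | Format-Table -AutoSize
```

Any row reported for C:\Perl\Site\bin means the workaround of restricting access to that directory has not been applied.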


Related identifiers

CVE-2012-5377

Affected products

ActivePerl
Windows