CVE-2015-8608

Name of the Vulnerable Software and Affected Versions Perl version 5.22

Description The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted input. Specifically, the VDir::MapPathA and VDir::MapPathW functions are vulnerable to an out-of-bounds read. The vulnerability can be triggered by a crafted drive letter or pInName argument.

Recommendations For Perl version 5.22, consider restricting the use of the VDir::MapPathA and VDir::MapPathW functions until a patch is available. As a temporary workaround, avoid using crafted drive letters or pInName arguments in these functions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.