https://www.exploit-db.com/exploits/24130
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-734

Perl是流行的跨平台编程语言。ActiveStatePerl复制操作实现存在缓冲区溢出，远程攻击者可以利用这个漏洞以调用应用程序进程在系统上执行任意指令。问题是由于在执行多个数据传递给perl复制操作时缺少正确的边界缓冲区检查，会导致发生基于整数的溢出，精心构建提交数据可能以调用应用程序进程在系统上执行任意指令。

source: http://www.securityfocus.com/bid/10380/info

ActiveState Perl is reported to be prone to an integer overflow vulnerability. It is revealed through testing that other implementations are also vulnerable.

The issue is reported to exist due to a lack of sufficient bounds checking that is performed on multiplier data that is passed to a Perl duplicator statement. This vulnerability may permit an attacker to influence execution flow of a vulnerable Perl script to ultimately execute arbitrary code. Failed exploit attempts will result in a denial of service.

$var = "ABCD"x0x40000000;

来源:XF
名称:perl-duplication-bo(16224)
链接:http://xforce.iss.net/xforce/xfdb/16224
来源:BID
名称:10380
链接:http://www.securityfocus.com/bid/10380
来源:FULLDISC
名称:20040517RE:[Full-Disclosure]BufferOverflowinActivePerl?
链接:http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0878.html
来源：NSFOCUS
名称：6464
链接：http://www.nsfocus.net/vulndb/6464