Lucene search
RedhatCVELIST:CVE-2011-4114HistoryJan 13, 2012 - 6:00 p.m.
CVE-2011-4114
2012-01-1318:00:00
redhat
www.cve.org
6
The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program. NOTE: a similar vulnerability was reported for PAR, but this has been assigned a different CVE identifier.
References
lists.fedoraproject.org/pipermail/package-announce/2011-December/071091.html
lists.fedoraproject.org/pipermail/package-announce/2011-December/071099.html
www.openwall.com/lists/oss-security/2011/11/04/2
www.openwall.com/lists/oss-security/2011/11/04/4
bugzilla.redhat.com/show_bug.cgi?id=753955
rt.cpan.org/Public/Bug/Display.html?id=69560
Related
fedora
fedora
[SECURITY] Fedora 16 Update: perl-PAR-Packer-1.010-3.fc16
2011-12-21 16:58:35
[SECURITY] Fedora 15 Update: perl-PAR-Packer-1.008-4.fc15
2011-12-21 16:57:05
[SECURITY] Fedora 15 Update: perl-PAR-1.002-4.fc15
2011-12-21 16:57:05
debiancve
debiancve
CVE-2011-4114
2012-01-13 18:55:03
CVE-2011-5060
2012-01-13 19:55:01
openvas
openvas
Fedora Update for perl-PAR-Packer FEDORA-2011-16859
2011-12-23 00:00:00
Fedora Update for perl-PAR FEDORA-2011-16856
2012-04-02 00:00:00
Fedora Update for perl-PAR FEDORA-2011-16859
2011-12-23 00:00:00
osv
osv
perl-PAR-1.011-1.1 on GA media
2024-06-15 00:00:00
nvd
nvd
CVE-2011-4114
2012-01-13 18:55:03
CVE-2011-5060
2012-01-13 19:55:01
cve
cve
CVE-2011-4114
2012-01-13 18:55:03
CVE-2011-5060
2012-01-13 19:55:01
nessus
nessus
prion
prion
Code injection
2012-01-13 18:55:00
Code injection
2012-01-13 19:55:00
cvelist
cvelist
CVE-2011-5060
2012-01-13 19:00:00
ubuntucve
ubuntucve
CVE-2011-4114
2012-01-13 00:00:00
CVE-2011-5060
2012-01-13 00:00:00