Back to search
CVE-2011-5060
Published: Jan 13, 2012
Modified: Aug 7, 2024
PUBLISHED
Description
The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different vulnerability in a different package than CVE-2011-4114.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=753955
x_refsource_CONFIRM
http://cpansearch.perl.org/src/RSCHUPP/PAR-1.003/ChangeLog
x_refsource_CONFIRM
par-parmktmpdir-symlink(72435)
vdb-entry
x_refsource_XF
https://rt.cpan.org/Public/Bug/Display.html?id=69560
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now