Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-5060

Опубликовано: 13 янв. 2012
Источник: nvd
CVSS2: 3.3
EPSS Низкий

Описание

The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different vulnerability in a different package than CVE-2011-4114.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:roderich_schupp:par-packer_module:*:*:*:*:*:*:*:*
Версия до 1.002 (включая)
cpe:2.3:a:roderich_schupp:par-packer_module:0.63:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.64:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.65:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.66:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.67:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.68:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.69:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.70:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.71:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.72:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.73:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.74:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.75:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.76:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.77:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.78:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.79:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.80:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.81:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.82:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.83:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.85:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.86:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.87:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.88:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.89:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.90:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.91:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.92:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.93:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.94:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.941:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.942:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.951:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.952:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.953:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.954:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.955:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.956:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.957:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.958:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.959:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.960:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.970:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.973:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.975:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.976:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.977:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.978:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.979:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.980:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.981:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.982:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.991:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.992_01:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.992_02:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.992_03:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.992_04:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.992_05:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:0.992_06:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:1.000:*:*:*:*:*:*:*
cpe:2.3:a:roderich_schupp:par-packer_module:1.001:*:*:*:*:*:*:*

EPSS

Процентиль: 15%
0.00048
Низкий

3.3 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2011-5060

ubuntu
около 14 лет назад

The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different vulnerability in a different package than CVE-2011-4114.

debian логотип

CVE-2011-5060

debian
около 14 лет назад

The par_mktmpdir function in the PAR module before 1.003 for Perl crea ...

github логотип

GHSA-hmhv-64cw-2g3m

github
больше 3 лет назад

The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different vulnerability in a different package than CVE-2011-4114.

EPSS

Процентиль: 15%
0.00048
Низкий

3.3 Low

CVSS2

Дефекты

CWE-264