Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2012-2451

Опубликовано: 27 июн. 2012
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 3.6

Описание

The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be exploitable by writing in the same directory as the .ini file. If this is the case, then this issue might not cross privilege boundaries.

РелизСтатусПримечание
devel

not-affected

2.75-1
hardy

ignored

end of life
lucid

released

2.52-1ubuntu0.1
natty

released

2.58-1ubuntu0.1
oneiric

released

2.68-1ubuntu0.11.10.1
precise

released

2.68-1ubuntu0.12.04.1
upstream

released

2.75-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 26%
0.00091
Низкий

3.6 Low

CVSS2

Связанные уязвимости

redhat логотип

CVE-2012-2451

redhat
почти 14 лет назад

The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be exploitable by writing in the same directory as the .ini file. If this is the case, then this issue might not cross privilege boundaries.

nvd логотип

CVE-2012-2451

nvd
больше 13 лет назад

The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be exploitable by writing in the same directory as the .ini file. If this is the case, then this issue might not cross privilege boundaries.

debian логотип

CVE-2012-2451

debian
больше 13 лет назад

The Config::IniFiles module before 2.71 for Perl creates temporary fil ...

github логотип

GHSA-g533-vrrr-6j8r

github
больше 3 лет назад

The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be exploitable by writing in the same directory as the .ini file. If this is the case, then this issue might not cross privilege boundaries.

EPSS

Процентиль: 26%
0.00091
Низкий

3.6 Low

CVSS2