TROYANOSYVIRUS
Retour aux CVEs

CVE-2012-2451

N/A

Description

The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be exploitable by writing in the same directory as the .ini file. If this is the case, then this issue might not cross privilege boundaries.

Details CVE

Score CVSS v3.1N/A
Publie6/27/2012
Derniere modification4/29/2026
Sourcenvd
Observations honeypot0

Produits affectes

shlomi_fish:config-inifiles

References

http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080713.html(cve@mitre.org)
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080716.html(cve@mitre.org)
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081207.html(cve@mitre.org)
http://secunia.com/advisories/48990(cve@mitre.org)
http://www.openwall.com/lists/oss-security/2012/05/02/6(cve@mitre.org)
http://www.osvdb.org/81671(cve@mitre.org)
http://www.securityfocus.com/bid/53361(cve@mitre.org)
http://www.ubuntu.com/usn/USN-1543-1(cve@mitre.org)
https://bitbucket.org/shlomif/perl-config-inifiles/changeset/a08fa26f4f59(cve@mitre.org)
https://bugzilla.redhat.com/show_bug.cgi?id=818386(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75328(cve@mitre.org)
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080713.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080716.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081207.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/48990(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/05/02/6(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/81671(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/53361(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-1543-1(af854a3a-2127-422b-91ae-364da2661108)
https://bitbucket.org/shlomif/perl-config-inifiles/changeset/a08fa26f4f59(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=818386(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75328(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.