CVE-2012-2451 in Config-inifiles정보

요약 (영어)

The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be exploitable by writing in the same directory as the .ini file. If this is the case, then this issue might not cross privilege boundaries.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

예약하다

2012. 05. 02.

공개

2012. 06. 27.

상태

확인됨

엔트리

VulDB provides additional information and datapoints for this CVE:

아이디	취약성	CWE	악용	대책	CVE
61133	Shlomi Fish Config-inifiles ini IniFiles 권한 상승	61	정의되지 않음	공식 수정	CVE-2012-2451

설명

CPE

CWE

CVSS

익스플로잇

역사

차이

연결하다

위협 인텔리전스

API JSON

API XML

API CSV

출처

◂ 이전개요다음 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!