Lucene search

K
cveRedhatCVE-2010-1168
HistoryJun 21, 2010 - 4:30 p.m.

CVE-2010-1168

2010-06-2116:30:01
CWE-264
redhat
web.nvd.nist.gov
48
cve-2010-1168
safe module
perl
access restrictions
code injection
arbitrary code
automagic methods
nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7

Confidence

Low

EPSS

0.019

Percentile

88.7%

The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to “automagic methods.”

Affected configurations

Nvd
Node
rafael_garcia-suarezsafeMatch2.08
OR
rafael_garcia-suarezsafeMatch2.09
OR
rafael_garcia-suarezsafeMatch2.11
OR
rafael_garcia-suarezsafeMatch2.13
OR
rafael_garcia-suarezsafeMatch2.14
OR
rafael_garcia-suarezsafeMatch2.15
OR
rafael_garcia-suarezsafeMatch2.16
OR
rafael_garcia-suarezsafeMatch2.17
OR
rafael_garcia-suarezsafeMatch2.18
OR
rafael_garcia-suarezsafeMatch2.19
OR
rafael_garcia-suarezsafeMatch2.20
OR
rafael_garcia-suarezsafeMatch2.21
OR
rafael_garcia-suarezsafeMatch2.22
OR
rafael_garcia-suarezsafeMatch2.23
OR
rafael_garcia-suarezsafeMatch2.24
AND
perlperl
VendorProductVersionCPE
rafael_garcia-suarezsafe2.08cpe:2.3:a:rafael_garcia-suarez:safe:2.08:*:*:*:*:*:*:*
rafael_garcia-suarezsafe2.09cpe:2.3:a:rafael_garcia-suarez:safe:2.09:*:*:*:*:*:*:*
rafael_garcia-suarezsafe2.11cpe:2.3:a:rafael_garcia-suarez:safe:2.11:*:*:*:*:*:*:*
rafael_garcia-suarezsafe2.13cpe:2.3:a:rafael_garcia-suarez:safe:2.13:*:*:*:*:*:*:*
rafael_garcia-suarezsafe2.14cpe:2.3:a:rafael_garcia-suarez:safe:2.14:*:*:*:*:*:*:*
rafael_garcia-suarezsafe2.15cpe:2.3:a:rafael_garcia-suarez:safe:2.15:*:*:*:*:*:*:*
rafael_garcia-suarezsafe2.16cpe:2.3:a:rafael_garcia-suarez:safe:2.16:*:*:*:*:*:*:*
rafael_garcia-suarezsafe2.17cpe:2.3:a:rafael_garcia-suarez:safe:2.17:*:*:*:*:*:*:*
rafael_garcia-suarezsafe2.18cpe:2.3:a:rafael_garcia-suarez:safe:2.18:*:*:*:*:*:*:*
rafael_garcia-suarezsafe2.19cpe:2.3:a:rafael_garcia-suarez:safe:2.19:*:*:*:*:*:*:*
Rows per page:
1-10 of 161

References

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7

Confidence

Low

EPSS

0.019

Percentile

88.7%