Lucene search

K

RedhatCVELIST:CVE-2010-1168

HistoryJun 21, 2010 - 4:00 p.m.

CVE-2010-1168

2010-06-2116:00:00

redhat

www.cve.org

6.8 Medium

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.7%

The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to “automagic methods.”

References

blogs.perl.org/users/rafael_garcia-suarez/2010/03/new-safepm-fixes-security-hole.html

blogs.sun.com/security/entry/cve_2010_1168_vulnerability_in

cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes

kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

kb.juniper.net/InfoCenter/index?page=content&id=JSA10735

secunia.com/advisories/40049

secunia.com/advisories/40052

secunia.com/advisories/42402

securitytracker.com/id?1024062

www.mandriva.com/security/advisories?name=MDVSA-2010:115

www.mandriva.com/security/advisories?name=MDVSA-2010:116

www.openwall.com/lists/oss-security/2010/05/20/5

www.redhat.com/support/errata/RHSA-2010-0457.html

www.redhat.com/support/errata/RHSA-2010-0458.html

www.vupen.com/english/advisories/2010/3075

bugzilla.redhat.com/show_bug.cgi?id=576508

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7424

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9807

6.8 Medium

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.7%

Related for CVELIST:CVE-2010-1168

cve3 nessus31 openvas27 veracode1 nvd3 prion3 gentoo1 debiancve1 fedora3 ubuntucve3 securityvulns4 seebug2 oraclelinux2 redhat2 centos1 debian2 cvelist1 ubuntu1 vmware2