Lucene search
HistoryJan 13, 2012 - 7:55 p.m.
CVE-2011-5060
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different vulnerability in a different package than CVE-2011-4114.
Affected configurations
Node
roderich_schupppar-packer_moduleRange≤1.002
ORroderich_schupppar-packer_moduleMatch0.63
ORroderich_schupppar-packer_moduleMatch0.64
ORroderich_schupppar-packer_moduleMatch0.65
ORroderich_schupppar-packer_moduleMatch0.66
ORroderich_schupppar-packer_moduleMatch0.67
ORroderich_schupppar-packer_moduleMatch0.68
ORroderich_schupppar-packer_moduleMatch0.69
ORroderich_schupppar-packer_moduleMatch0.70
ORroderich_schupppar-packer_moduleMatch0.71
ORroderich_schupppar-packer_moduleMatch0.72
ORroderich_schupppar-packer_moduleMatch0.73
ORroderich_schupppar-packer_moduleMatch0.74
ORroderich_schupppar-packer_moduleMatch0.75
ORroderich_schupppar-packer_moduleMatch0.76
ORroderich_schupppar-packer_moduleMatch0.77
ORroderich_schupppar-packer_moduleMatch0.78
ORroderich_schupppar-packer_moduleMatch0.79
ORroderich_schupppar-packer_moduleMatch0.80
ORroderich_schupppar-packer_moduleMatch0.81
ORroderich_schupppar-packer_moduleMatch0.82
ORroderich_schupppar-packer_moduleMatch0.83
ORroderich_schupppar-packer_moduleMatch0.85
ORroderich_schupppar-packer_moduleMatch0.86
ORroderich_schupppar-packer_moduleMatch0.87
ORroderich_schupppar-packer_moduleMatch0.88
ORroderich_schupppar-packer_moduleMatch0.89
ORroderich_schupppar-packer_moduleMatch0.90
ORroderich_schupppar-packer_moduleMatch0.91
ORroderich_schupppar-packer_moduleMatch0.92
ORroderich_schupppar-packer_moduleMatch0.93
ORroderich_schupppar-packer_moduleMatch0.94
ORroderich_schupppar-packer_moduleMatch0.941
ORroderich_schupppar-packer_moduleMatch0.942
ORroderich_schupppar-packer_moduleMatch0.951
ORroderich_schupppar-packer_moduleMatch0.952
ORroderich_schupppar-packer_moduleMatch0.953
ORroderich_schupppar-packer_moduleMatch0.954
ORroderich_schupppar-packer_moduleMatch0.955
ORroderich_schupppar-packer_moduleMatch0.956
ORroderich_schupppar-packer_moduleMatch0.957
ORroderich_schupppar-packer_moduleMatch0.958
ORroderich_schupppar-packer_moduleMatch0.959
ORroderich_schupppar-packer_moduleMatch0.960
ORroderich_schupppar-packer_moduleMatch0.970
ORroderich_schupppar-packer_moduleMatch0.973
ORroderich_schupppar-packer_moduleMatch0.975
ORroderich_schupppar-packer_moduleMatch0.976
ORroderich_schupppar-packer_moduleMatch0.977
ORroderich_schupppar-packer_moduleMatch0.978
ORroderich_schupppar-packer_moduleMatch0.979
ORroderich_schupppar-packer_moduleMatch0.980
ORroderich_schupppar-packer_moduleMatch0.981
ORroderich_schupppar-packer_moduleMatch0.982
ORroderich_schupppar-packer_moduleMatch0.991
ORroderich_schupppar-packer_moduleMatch0.992_01
ORroderich_schupppar-packer_moduleMatch0.992_02
ORroderich_schupppar-packer_moduleMatch0.992_03
ORroderich_schupppar-packer_moduleMatch0.992_04
ORroderich_schupppar-packer_moduleMatch0.992_05
ORroderich_schupppar-packer_moduleMatch0.992_06
ORroderich_schupppar-packer_moduleMatch1.000
ORroderich_schupppar-packer_moduleMatch1.001
Related
ubuntucve
ubuntucve
CVE-2011-5060
2012-01-13 00:00:00
CVE-2011-4114
2012-01-13 00:00:00
cve
cve
CVE-2011-5060
2012-01-13 19:55:01
CVE-2011-4114
2012-01-13 18:55:03
prion
prion
Code injection
2012-01-13 19:55:00
Code injection
2012-01-13 18:55:00
debiancve
debiancve
CVE-2011-5060
2012-01-13 19:55:01
CVE-2011-4114
2012-01-13 18:55:03
cvelist
cvelist
CVE-2011-5060
2012-01-13 19:00:00
CVE-2011-4114
2012-01-13 18:00:00
openvas
openvas
Fedora Update for perl-PAR-Packer FEDORA-2011-16856
2012-04-02 00:00:00
Fedora Update for perl-PAR-Packer FEDORA-2011-16856
2012-04-02 00:00:00
Strawberry Perl Modules Multiple Vulnerabilities (Windows)
2012-01-17 00:00:00
nvd
nvd
CVE-2011-4114
2012-01-13 18:55:03
nessus
nessus
fedora
fedora
[SECURITY] Fedora 16 Update: perl-PAR-Packer-1.010-3.fc16
2011-12-21 16:58:35
[SECURITY] Fedora 15 Update: perl-PAR-1.002-4.fc15
2011-12-21 16:57:05
[SECURITY] Fedora 15 Update: perl-PAR-Packer-1.008-4.fc15
2011-12-21 16:57:05
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for NVD:CVE-2011-5060