Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2012-2451
HistoryJun 27, 2012 - 9:55 p.m.

Cross site scripting

2012-06-2721:55:00
PRIOn knowledge base
www.prio-n.com
3

6.6 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

JSON

The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be exploitable by writing in the same directory as the .ini file. If this is the case, then this issue might not cross privilege boundaries.

CPENameOperatorVersion
config-inifilesle2.70

Related

nessus 6
fedora 3
seebug 1
openvas 12
gentoo 1
ubuntucve 1
securityvulns 2
ubuntu 1
freebsd 1
cve 1
cvelist 1
debiancve 1
nessus
nessus
Fedora 17 : perl-Config-IniFiles-2.72-1.fc17 (2012-7763)
2012-05-29 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libconfig-inifiles-perl vulnerability (USN-1543-1)
2012-08-21 00:00:00
GLSA-201208-05 : Perl Config-IniFiles Module: Insecure temporary file usage
2012-08-15 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: perl-Config-IniFiles-2.72-1.fc17
2012-05-26 08:05:05
[SECURITY] Fedora 16 Update: perl-Config-IniFiles-2.72-1.fc16
2012-05-22 02:26:12
[SECURITY] Fedora 15 Update: perl-Config-IniFiles-2.72-1.fc15
2012-05-22 02:25:07
seebug
seebug
Perl Config::IniFiles Moduleไธๅฎ‰ๅ…จไธดๆ—ถๆ–‡ไปถๅˆ›ๅปบๆผๆดž
2012-05-04 00:00:00
openvas
openvas
Ubuntu Update for libconfig-inifiles-perl USN-1543-1
2012-08-21 00:00:00
Fedora Update for perl-Config-IniFiles FEDORA-2012-7777
2012-05-22 00:00:00
Fedora Update for perl-Config-IniFiles FEDORA-2012-7802
2012-05-22 00:00:00
gentoo
gentoo
Perl Config-IniFiles Module: Insecure temporary file usage
2012-08-14 00:00:00
ubuntucve
ubuntucve
CVE-2012-2451
2012-06-27 00:00:00
securityvulns
securityvulns
[USN-1543-1] Config-IniFiles vulnerability
2012-09-03 00:00:00
Config::IniFiles symbolic links vulnerability
2012-09-03 00:00:00
ubuntu
ubuntu
Config-IniFiles vulnerability
2012-08-20 00:00:00
freebsd
freebsd
p5-Config-IniFiles -- unsafe temporary file creation
2012-05-02 00:00:00
cve
cve
CVE-2012-2451
2012-06-27 21:55:00
cvelist
cvelist
CVE-2012-2451
2012-06-27 21:00:00
debiancve
debiancve
CVE-2012-2451
2012-06-27 21:55:00

6.6 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

JSON
Related for PRION:CVE-2012-2451
nessus6fedora3seebug1openvas12gentoo1ubuntucve1securityvulns2ubuntu1freebsd1cve1cvelist1debiancve1