Lucene search
PRIOn knowledge basePRION:CVE-2016-10374HistoryMay 17, 2017 - 7:29 p.m.
Code injection
2017-05-1719:29:00
PRIOn knowledge base
www.prio-n.com
2
perltidy through 20160302, as used by perlcritic, check-all-the-things, and other software, relies on the current working directory for certain output files and does not have a symlink-attack protection mechanism, which allows local users to overwrite arbitrary files by creating a symlink, as demonstrated by creating a perltidy.ERR symlink that the victim cannot delete.
References
Related
openvas
openvas
Fedora Update for perltidy FEDORA-2017-1f11501a9f
2017-06-13 00:00:00
Mageia: Security Advisory (MGASA-2017-0301)
2022-01-28 00:00:00
Fedora Update for perltidy FEDORA-2017-a3c7d077c7
2017-06-13 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: perltidy-20170521-1.fc25
2017-06-11 23:33:20
[SECURITY] Fedora 26 Update: perltidy-20170521-1.fc26
2017-06-09 19:53:54
[SECURITY] Fedora 24 Update: perltidy-20170521-1.fc24
2017-06-11 21:52:02
debiancve
debiancve
CVE-2016-10374
2022-10-03 16:16:39
redhatcve
redhatcve
CVE-2016-10374
2017-05-18 09:21:53
nessus
nessus
RHEL 6 : perltidy (Unpatched Vulnerability)
2024-05-11 00:00:00
Fedora 25 : perltidy (2017-a3c7d077c7)
2017-06-12 00:00:00
Fedora 26 : perltidy (2017-c76259ddea)
2017-07-17 00:00:00
nvd
nvd
CVE-2016-10374
2017-05-17 19:29:00
mageia
mageia
Updated perltidy packages fix security vulnerability
2017-08-25 00:18:23
cve
cve
CVE-2016-10374
2022-10-03 16:16:39
ubuntucve
ubuntucve
CVE-2016-10374
2017-05-17 00:00:00
cvelist
cvelist
CVE-2016-10374
2022-10-03 16:16:39