Lucene search
Redhat.comRH:CVE-2016-10374HistoryMay 18, 2017 - 9:21 a.m.
CVE-2016-10374
2017-05-1809:21:53
redhat.com
access.redhat.com
5
0.0004 Low
EPSS
Percentile
5.1%
perltidy through 20160302, as used by perlcritic, check-all-the-things, and other software, relies on the current working directory for certain output files and does not have a symlink-attack protection mechanism, which allows local users to overwrite arbitrary files by creating a symlink, as demonstrated by creating a perltidy.ERR symlink that the victim cannot delete.
Related
openvas
openvas
Fedora Update for perltidy FEDORA-2017-1f11501a9f
2017-06-13 00:00:00
Mageia: Security Advisory (MGASA-2017-0301)
2022-01-28 00:00:00
Fedora Update for perltidy FEDORA-2017-a3c7d077c7
2017-06-13 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: perltidy-20170521-1.fc25
2017-06-11 23:33:20
[SECURITY] Fedora 26 Update: perltidy-20170521-1.fc26
2017-06-09 19:53:54
[SECURITY] Fedora 24 Update: perltidy-20170521-1.fc24
2017-06-11 21:52:02
debiancve
debiancve
CVE-2016-10374
2022-10-03 16:16:39
nessus
nessus
Fedora 25 : perltidy (2017-a3c7d077c7)
2017-06-12 00:00:00
Fedora 26 : perltidy (2017-c76259ddea)
2017-07-17 00:00:00
RHEL 7 : perltidy (Unpatched Vulnerability)
2024-06-03 00:00:00
mageia
mageia
Updated perltidy packages fix security vulnerability
2017-08-25 00:18:23
cve
cve
CVE-2016-10374
2022-10-03 16:16:39
nvd
nvd
CVE-2016-10374
2017-05-17 19:29:00
ubuntucve
ubuntucve
CVE-2016-10374
2017-05-17 00:00:00
prion
prion
Code injection
2017-05-17 19:29:00
cvelist
cvelist
CVE-2016-10374
2022-10-03 16:16:39