37 matches found
Directory traversal
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory...
CVE-2016-6185
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory...
CVE-2016-6185
The CVE-2016-6185 issue involves Perl’s XSLoader::load potentially locating and loading a shared library from an incorrect location when called from a string eval, enabling arbitrary code execution by a local attacker via a Trojan horse library in the current working directory. Public reports (De...
CVE-2016-6185
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory...
UBUNTU-CVE-2016-6185
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory...
CVE-2016-6185
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory...
Debian: Security Advisory (DSA-3628-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-565-1 : perl security update
Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2016-1238 John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make...
[SECURITY] [DLA 565-1] perl security update
Package : perl Version : 5.14.2-21+deb7u4 CVE ID : CVE-2016-1238 CVE-2016-6185 Debian Bug : 829578 Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-1238 Joh...
DLA-565-1 perl - security update
Bulletin has no description...
[SECURITY] [DSA 3628-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3628-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3628-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3628-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2016 https://www.debian.org/security/faq -...
PT-2016-6790 · Perl +2 · Xloader +2
Name of the Vulnerable Software and Affected Versions: Perl affected versions not specified Description: The XSLoader::load method in XSLoader does not properly locate .so files when called in a string eval. This might allow local users to execute arbitrary code via a Trojan horse library under t...
DSA-3628-1 perl - security update
Bulletin has no description...
Perl Local Elevation of Privilege Vulnerability
Perl is a free and powerful cross-platform programming language developed by American programmer Larry Wall. A security vulnerability exists in Perl. A local attacker can exploit this vulnerability by supplying specially crafted data to the XSLoader component to gain privileges on the target syst...
CVE-2016-6185
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory...
p5-XSLoader -- local arbitrary code execution
Jakub Wilk reports: XSLoader tries to load code from a subdirectory in the cwd when called inside a string eval...