Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-5060
HistoryJan 13, 2012 - 12:00 a.m.

CVE-2011-5060

2012-01-1300:00:00
ubuntu.com
ubuntu.com
11

3.3 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

The par_mktmpdir function in the PAR module before 1.003 for Perl creates
temporary files in a directory with a predictable name without verifying
ownership and permissions of this directory, which allows local users to
overwrite files when another user extracts a PAR packed program, a
different vulnerability in a different package than CVE-2011-4114.

Bugs

Notes

Author Note
sbeattie upstream and debian fixed this issue in libpar-packer-perl and libpar-perl identifying it as CVE-2011-4114; libpar-perl subsequently got split off into this cve.

Related

prion 2
ubuntucve 1
cve 2
debiancve 2
openvas 12
nessus 2
fedora 4
prion
prion
Code injection
2012-01-13 19:55:00
Code injection
2012-01-13 18:55:00
ubuntucve
ubuntucve
CVE-2011-4114
2012-01-13 00:00:00
cve
cve
CVE-2011-5060
2012-01-13 19:55:00
CVE-2011-4114
2012-01-13 18:55:00
debiancve
debiancve
CVE-2011-5060
2012-01-13 19:55:00
CVE-2011-4114
2012-01-13 18:55:00
openvas
openvas
Strawberry Perl Modules Multiple Vulnerabilities (Windows)
2012-01-17 00:00:00
Active Perl Modules Multiple Vulnerabilities - Windows
2013-03-27 00:00:00
Active Perl Modules Multiple Vulnerabilities (Windows)
2013-03-27 00:00:00
nessus
nessus
Fedora 15 : perl-PAR-1.002-4.fc15 / perl-PAR-Packer-1.008-4.fc15 (2011-16859)
2011-12-22 00:00:00
Fedora 16 : perl-PAR-1.002-5.fc16 / perl-PAR-Packer-1.010-3.fc16 (2011-16856)
2011-12-22 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: perl-PAR-Packer-1.008-4.fc15
2011-12-21 16:57:05
[SECURITY] Fedora 15 Update: perl-PAR-1.002-4.fc15
2011-12-21 16:57:05
[SECURITY] Fedora 16 Update: perl-PAR-1.002-5.fc16
2011-12-21 16:58:35

3.3 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON
Related for UB:CVE-2011-5060
prion2ubuntucve1cve2debiancve2openvas12nessus2fedora4