CVE-2002-1323

Severity

46%

Complexity

39%

Confidentiality

106%

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 22 years ago

2002-12-11 05:00:00

Last updated 6 years ago

2018-10-30 16:25:00

Affected Software

SGI IRIX 6.5

6.5

SGI IRIX 6.5.1

6.5.1

SGI IRIX 6.5.2

6.5.2

SGI IRIX 6.5.3

6.5.3

SGI IRIX 6.5.4

6.5.4

SGI IRIX 6.5.5

6.5.5

SGI IRIX 6.5.6

6.5.6

SGI IRIX 6.5.7

6.5.7

SGI IRIX 6.5.8

6.5.8

SGI IRIX 6.5.9

6.5.9

SGI IRIX 6.5.10

6.5.10

SGI IRIX 6.5.11

6.5.11

SGI IRIX 6.5.12

6.5.12

SGI IRIX 6.5.13

6.5.13

SGI IRIX 6.5.14

6.5.14

SGI IRIX 6.5.15

6.5.15

SGI IRIX 6.5.16

6.5.16

SGI IRIX 6.5.17

6.5.17

SGI IRIX 6.5.17f

6.5.17f

SGI IRIX 6.5.17m

6.5.17m

SGI IRIX 6.5.18

6.5.18

SGI IRIX 6.5.18f

6.5.18f

SGI IRIX 6.5.18m

6.5.18m

SGI IRIX 6.5.19

6.5.19

SGI IRIX 6.5.19f

6.5.19f

SGI IRIX 6.5.19m

6.5.19m

SGI IRIX 6.5.20f

6.5.20f

SGI IRIX 6.5.20m

6.5.20m

SGI IRIX 6.5.21f

6.5.21f

SGI IRIX 6.5.21m

6.5.21m

SGI IRIX 6.5.22

6.5.22

Red Hat Linux Advanced Workstation 2.1

2.1

Sun SunOS (Solaris 8) 5.8

5.8

References

CSSA-2004-007.0

SCOSA-2004.1

20030606-01-A

20021105 Perl Safe.pm compartment reuse vuln

http://bugs6.perl.org/rt2/Ticket/Display.html?id=17744

20021216 [OpenPKG-SA-2002.014] OpenPKG Security Advisory (perl)

20021219 TSLSA-2002-0087 - perl

20021220 GLSA: perl

http://use.perl.org/articles/02/10/06/1118222.shtml?tid=5

Patch

DSA-208

Patch, Vendor Advisory

safe-pm-bypass-restrictions(10574)

Vendor Advisory

2183

3814

RHSA-2003:256

RHSA-2003:257

6111

Patch, Vendor Advisory

oval:org.mitre.oval:def:1160

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.