CVE-1999-1386

Published: 3/9/2002 Last updated: 8/1/2024 Reserved: 8/31/2001

Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (3)

bap-std conf-perl goblint-cil

Products affected (2)

Product	Vendor	Version
n/a	n/a	< a18670395e5f28acddeca037c5e4bd2ea961b70a
n/a	n/a	< 8.5.21

References (12)

http://www.redhat.com/support/errata/rh50-errata-general.html#perl
http://marc.info/?l=bugtraq&m=88932165406213&w=2
http://www.iss.net/security_center/static/7243.php
http://www.redhat.com/support/errata/rh50-errata-general.html#perl
http://marc.info/?l=bugtraq&m=88932165406213&w=2
http://www.iss.net/security_center/static/7243.php
http://www.redhat.com/support/errata/rh50-errata-general.html#perl
http://marc.info/?l=bugtraq&m=88932165406213&w=2
http://www.iss.net/security_center/static/7243.php
http://www.redhat.com/support/errata/rh50-errata-general.html#perl
http://marc.info/?l=bugtraq&m=88932165406213&w=2
http://www.iss.net/security_center/static/7243.php