Perl 5.004_04 and previous versions follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
perl perl |