The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
perl perl |
||
fedoraproject fedora 22 |
||
fedoraproject fedora 24 |
||
fedoraproject fedora 23 |
||
debian debian linux 8.0 |
||
oracle solaris 11.3 |
||
oracle solaris 10 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 17.10 |
||
canonical ubuntu linux 14.04 |