Vulnerability in Safe.pm
CVE-2002-1323
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
EPSS: 0.005 (36.5th percentile) — read the EPSS interpretation.
Affected products
- Safe.pm — versions 2.0_6, 2.0_7
- Sco Open_unix — versions 8.0
- Sco Unixware — versions 7.1.2, 7.1.3
- Sgi Irix — versions 6.5, 6.5.1, 6.5.2
- Sun Linux — versions 5.0.7
- Sun Solaris — versions 8.0, 9.0
- Sun Sunos — versions 5.8
- Redhat Enterprise_linux — versions 2.1
- Redhat Linux_advanced_workstation — versions 2.1
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (x_refsource_CONFIRM, Patch)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vdb-entry, Vendor Advisory, x_refsource_XF)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)