Vulnerability Details CVE-2005-4278
Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.1%
CVSS Severity
CVSS v2 Score 7.2
References
- http://secunia.com/advisories/17232
- http://secunia.com/advisories/55314
- http://www.gentoo.org/security/en/glsa/glsa-200510-14.xml
- http://www.osvdb.org/20086
- http://www.securityfocus.com/bid/15120
- http://www.vupen.com/english/advisories/2005/2119
- http://secunia.com/advisories/17232
- http://secunia.com/advisories/55314
- http://www.gentoo.org/security/en/glsa/glsa-200510-14.xml
- http://www.osvdb.org/20086
- http://www.securityfocus.com/bid/15120
- http://www.vupen.com/english/advisories/2005/2119
Products affected by CVE-2005-4278
-
cpe:2.3:a:larry_wall:perl:*
-
cpe:2.3:a:larry_wall:perl:5.3
-
cpe:2.3:a:larry_wall:perl:5.4
-
cpe:2.3:a:larry_wall:perl:5.4.5
-
cpe:2.3:a:larry_wall:perl:5.5
-
cpe:2.3:a:larry_wall:perl:5.5.3
-
cpe:2.3:a:larry_wall:perl:5.6.1
-
cpe:2.3:a:larry_wall:perl:5.8.0
-
cpe:2.3:a:larry_wall:perl:5.8.1
-
cpe:2.3:a:larry_wall:perl:5.8.3
-
cpe:2.3:a:larry_wall:perl:5.8.4
-
cpe:2.3:a:larry_wall:perl:5.8.4.1
-
cpe:2.3:a:larry_wall:perl:5.8.4.2
-
cpe:2.3:a:larry_wall:perl:5.8.4.2.3
-
cpe:2.3:a:larry_wall:perl:5.8.4.3
-
cpe:2.3:a:larry_wall:perl:5.8.4.4
-
cpe:2.3:a:larry_wall:perl:5.8.4.5