Larry Wall: >> Perl >> 5.5.3 Security Vulnerabilities
Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
CVSS Score
7.2
EPSS Score
0.001
Published
2005-12-16
Integer overflow in the duplication operator in ActivePerl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large multiplier, which may trigger a buffer overflow.
CVSS Score
7.5
EPSS Score
0.075
Published
2004-12-31
suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence.
CVSS Score
7.2
EPSS Score
0.003
Published
2000-10-20