CVE Vulnerabilities

CVE-2011-5060

Published: Jan 13, 2012 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.3 LOW
AV:L/AC:M/Au:N/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
LOW

The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different vulnerability in a different package than CVE-2011-4114.

Affected Software

Name Vendor Start Version End Version
Par-packer_module Roderich_schupp * 1.002 (including)
Par-packer_module Roderich_schupp 0.63 (including) 0.63 (including)
Par-packer_module Roderich_schupp 0.64 (including) 0.64 (including)
Par-packer_module Roderich_schupp 0.65 (including) 0.65 (including)
Par-packer_module Roderich_schupp 0.66 (including) 0.66 (including)
Par-packer_module Roderich_schupp 0.67 (including) 0.67 (including)
Par-packer_module Roderich_schupp 0.68 (including) 0.68 (including)
Par-packer_module Roderich_schupp 0.69 (including) 0.69 (including)
Par-packer_module Roderich_schupp 0.70 (including) 0.70 (including)
Par-packer_module Roderich_schupp 0.71 (including) 0.71 (including)
Par-packer_module Roderich_schupp 0.72 (including) 0.72 (including)
Par-packer_module Roderich_schupp 0.73 (including) 0.73 (including)
Par-packer_module Roderich_schupp 0.74 (including) 0.74 (including)
Par-packer_module Roderich_schupp 0.75 (including) 0.75 (including)
Par-packer_module Roderich_schupp 0.76 (including) 0.76 (including)
Par-packer_module Roderich_schupp 0.77 (including) 0.77 (including)
Par-packer_module Roderich_schupp 0.78 (including) 0.78 (including)
Par-packer_module Roderich_schupp 0.79 (including) 0.79 (including)
Par-packer_module Roderich_schupp 0.80 (including) 0.80 (including)
Par-packer_module Roderich_schupp 0.81 (including) 0.81 (including)
Par-packer_module Roderich_schupp 0.82 (including) 0.82 (including)
Par-packer_module Roderich_schupp 0.83 (including) 0.83 (including)
Par-packer_module Roderich_schupp 0.85 (including) 0.85 (including)
Par-packer_module Roderich_schupp 0.86 (including) 0.86 (including)
Par-packer_module Roderich_schupp 0.87 (including) 0.87 (including)
Par-packer_module Roderich_schupp 0.88 (including) 0.88 (including)
Par-packer_module Roderich_schupp 0.89 (including) 0.89 (including)
Par-packer_module Roderich_schupp 0.90 (including) 0.90 (including)
Par-packer_module Roderich_schupp 0.91 (including) 0.91 (including)
Par-packer_module Roderich_schupp 0.92 (including) 0.92 (including)
Par-packer_module Roderich_schupp 0.93 (including) 0.93 (including)
Par-packer_module Roderich_schupp 0.94 (including) 0.94 (including)
Par-packer_module Roderich_schupp 0.941 (including) 0.941 (including)
Par-packer_module Roderich_schupp 0.942 (including) 0.942 (including)
Par-packer_module Roderich_schupp 0.951 (including) 0.951 (including)
Par-packer_module Roderich_schupp 0.952 (including) 0.952 (including)
Par-packer_module Roderich_schupp 0.953 (including) 0.953 (including)
Par-packer_module Roderich_schupp 0.954 (including) 0.954 (including)
Par-packer_module Roderich_schupp 0.955 (including) 0.955 (including)
Par-packer_module Roderich_schupp 0.956 (including) 0.956 (including)
Par-packer_module Roderich_schupp 0.957 (including) 0.957 (including)
Par-packer_module Roderich_schupp 0.958 (including) 0.958 (including)
Par-packer_module Roderich_schupp 0.959 (including) 0.959 (including)
Par-packer_module Roderich_schupp 0.960 (including) 0.960 (including)
Par-packer_module Roderich_schupp 0.970 (including) 0.970 (including)
Par-packer_module Roderich_schupp 0.973 (including) 0.973 (including)
Par-packer_module Roderich_schupp 0.975 (including) 0.975 (including)
Par-packer_module Roderich_schupp 0.976 (including) 0.976 (including)
Par-packer_module Roderich_schupp 0.977 (including) 0.977 (including)
Par-packer_module Roderich_schupp 0.978 (including) 0.978 (including)
Par-packer_module Roderich_schupp 0.979 (including) 0.979 (including)
Par-packer_module Roderich_schupp 0.980 (including) 0.980 (including)
Par-packer_module Roderich_schupp 0.981 (including) 0.981 (including)
Par-packer_module Roderich_schupp 0.982 (including) 0.982 (including)
Par-packer_module Roderich_schupp 0.991 (including) 0.991 (including)
Par-packer_module Roderich_schupp 0.992_01 (including) 0.992_01 (including)
Par-packer_module Roderich_schupp 0.992_02 (including) 0.992_02 (including)
Par-packer_module Roderich_schupp 0.992_03 (including) 0.992_03 (including)
Par-packer_module Roderich_schupp 0.992_04 (including) 0.992_04 (including)
Par-packer_module Roderich_schupp 0.992_05 (including) 0.992_05 (including)
Par-packer_module Roderich_schupp 0.992_06 (including) 0.992_06 (including)
Par-packer_module Roderich_schupp 1.000 (including) 1.000 (including)
Par-packer_module Roderich_schupp 1.001 (including) 1.001 (including)
Libpar-perl Ubuntu hardy *
Libpar-perl Ubuntu lucid *
Libpar-perl Ubuntu maverick *
Libpar-perl Ubuntu natty *
Libpar-perl Ubuntu oneiric *
Libpar-perl Ubuntu upstream *

References