7.5

CVE-2010-1168

EPSS 2.52%
Published 21.06.2010 16:30:01
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to "automagic methods."

Affected products Warnungen 0 Metrics 2 CWE 0 References 21

Data is provided by the National Vulnerability Database (NVD)

Rafael Garcia-suarez ≫ Safe Version2.08

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.09

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.11

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.13

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.14

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.15

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.16

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.17

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.18

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.19

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.20

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.21

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.22

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.23

Perl ≫ Perl

Rafael Garcia-suarez ≫ Safe Version2.24

Perl ≫ Perl

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.52%	0.849

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735

http://secunia.com/advisories/40052

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2010:116

http://www.redhat.com/support/errata/RHSA-2010-0458.html

Vendor Advisory

http://www.openwall.com/lists/oss-security/2010/05/20/5

http://secunia.com/advisories/40049

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2010:115

http://www.redhat.com/support/errata/RHSA-2010-0457.html

Vendor Advisory

http://blogs.perl.org/users/rafael_garcia-suarez/2010/03/new-safepm-fixes-security-hole.html

http://blogs.sun.com/security/entry/cve_2010_1168_vulnerability_in

http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes

http://secunia.com/advisories/42402

http://securitytracker.com/id?1024062

Vendor Advisory

http://www.vupen.com/english/advisories/2010/3075

https://bugzilla.redhat.com/show_bug.cgi?id=576508

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7424

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9807

https://nvd.nist.gov/vuln/detail/CVE-2010-1168

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-1168

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-1168

EUVD