Vulnerabilities > Larry Wall
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-11-07 | CVE-2007-5116 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. | 7.5 |
| 2005-12-16 | CVE-2005-4278 | Packages Insecure RUNPATH vulnerability in Gentoo Linux Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. | 7.2 |
| 2005-05-02 | CVE-2005-0448 | Local Race Condition Privilege Escalation vulnerability in Perl 'rmdir()' Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452. | 1.2 |
| 2005-02-09 | CVE-2004-0976 | Insecure Temporary File Creation vulnerability in Perl Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. | 2.1 |
| 2004-12-31 | CVE-2004-2286 | Integer Overflow vulnerability in Multiple Perl Implementation Duplication Operator Integer overflow in the duplication operator in ActivePerl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large multiplier, which may trigger a buffer overflow. | 7.5 |
| 2004-12-21 | CVE-2004-0452 | Local Race Condition vulnerability in Perl RMTree Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack. | 2.6 |
| 2004-05-04 | CVE-2004-0377 | Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character. | 10.0 |
| 2003-12-31 | CVE-2003-0900 | Remote Security vulnerability in Larry Wall Perl 5.8.1 Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers. | 5.0 |
| 2000-10-20 | CVE-2000-0703 | Unspecified vulnerability in Larry Wall Perl suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence. | 7.2 |
| 1997-05-29 | CVE-1999-0034 | Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. | 7.2 |