CVE - CVE-2002-1323

CVE-ID
CVE-2002-1323	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:6111 URL:http://www.securityfocus.com/bid/6111 BUGTRAQ:20021216 [OpenPKG-SA-2002.014] OpenPKG Security Advisory (perl) URL:http://marc.info/?l=bugtraq&m=104005919814869&w=2 BUGTRAQ:20021219 TSLSA-2002-0087 - perl URL:http://marc.info/?l=bugtraq&m=104033126305252&w=2 BUGTRAQ:20021220 GLSA: perl URL:http://marc.info/?l=bugtraq&m=104040175522502&w=2 CALDERA:CSSA-2004-007.0 URL:~~ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-007.0.txt~~ (Obsolete source - check if archived by the Wayback Machine) CONFIRM:http://bugs6.perl.org/rt2/Ticket/Display.html?id=17744 CONFIRM:http://use.perl.org/articles/02/10/06/1118222.shtml?tid=5 DEBIAN:DSA-208 URL:http://www.debian.org/security/2002/dsa-208 OSVDB:2183 URL:~~http://www.osvdb.org/2183~~ (Obsolete source) OSVDB:3814 URL:~~http://www.osvdb.org/3814~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:1160 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1160 REDHAT:RHSA-2003:256 URL:http://www.redhat.com/support/errata/RHSA-2003-256.html REDHAT:RHSA-2003:257 URL:http://www.redhat.com/support/errata/RHSA-2003-257.html SCO:SCOSA-2004.1 URL:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.1/SCOSA-2004.1.txt SGI:20030606-01-A URL:ftp://patches.sgi.com/support/free/security/advisories/20030606-01-A VULNWATCH:20021105 Perl Safe.pm compartment reuse vuln URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0061.html XF:safe-pm-bypass-restrictions(10574) URL:~~http://www.iss.net/security_center/static/10574.php~~ (Obsolete source - check if archived by the Wayback Machine)
Date Record Created
20040901	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)