CVE - CVE-2010-1168

CVE-ID
CVE-2010-1168	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to "automagic methods."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1024062 URL:http://securitytracker.com/id?1024062 MISC:40049 URL:http://secunia.com/advisories/40049 MISC:40052 URL:http://secunia.com/advisories/40052 MISC:42402 URL:http://secunia.com/advisories/42402 MISC:ADV-2010-3075 URL:~~http://www.vupen.com/english/advisories/2010/3075~~ (Obsolete source) MISC:MDVSA-2010:115 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2010:115~~ (Obsolete source) MISC:MDVSA-2010:116 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2010:116~~ (Obsolete source) MISC:RHSA-2010:0457 URL:http://www.redhat.com/support/errata/RHSA-2010-0457.html MISC:RHSA-2010:0458 URL:http://www.redhat.com/support/errata/RHSA-2010-0458.html MISC:[oss-security] 20100520 CVE-2010-1974 reject request (dupe of CVE-2010-1168) and CVE-2010-1447 description modification request URL:http://www.openwall.com/lists/oss-security/2010/05/20/5 MISC:http://blogs.perl.org/users/rafael_garcia-suarez/2010/03/new-safepm-fixes-security-hole.html URL:http://blogs.perl.org/users/rafael_garcia-suarez/2010/03/new-safepm-fixes-security-hole.html MISC:~~http://blogs.sun.com/security/entry/cve_2010_1168_vulnerability_in~~ (Obsolete source) URL:~~http://blogs.sun.com/security/entry/cve_2010_1168_vulnerability_in~~ (Obsolete source) MISC:http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes URL:http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes MISC:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 URL:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 MISC:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 URL:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=576508 URL:https://bugzilla.redhat.com/show_bug.cgi?id=576508 MISC:oval:org.mitre.oval:def:7424 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7424 MISC:oval:org.mitre.oval:def:9807 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9807
Assigning CNA
Red Hat, Inc.
Date Record Created
20100329	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20100329)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)