Perl Unspecified Insecure Temporary File Creation Vulnerability

Perl is affected by an unspecified vulnerability -- it creates temporary files in an insecure manor. This issue is likely due to a design error whereby the application fails to verify the existence of a file before writing to it.

An attacker may leverage this issue to overwrite arbitrary files with the privileges of an unsuspecting user that activates the vulnerable application. Reportedly, this issue is unlikely to facilitate privilege escalation.


 

Privacy Statement
Copyright 2010, SecurityFocus