Unknown
CVE-2011-4114
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program. NOTE: a similar vulnerability was reported for PAR, but this has been assigned a different CVE identifier.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
- roderich schupp
Products
- par-packer module,
- par-packer module 0.63,
- par-packer module 0.64,
- par-packer module 0.65,
- par-packer module 0.66,
- par-packer module 0.67,
- par-packer module 0.68,
- par-packer module 0.69,
- par-packer module 0.70,
- par-packer module 0.71,
- par-packer module 0.72,
- par-packer module 0.73,
- par-packer module 0.74,
- par-packer module 0.75,
- par-packer module 0.76,
- par-packer module 0.77,
- par-packer module 0.78,
- par-packer module 0.79,
- par-packer module 0.80,
- par-packer module 0.81,
- par-packer module 0.82,
- par-packer module 0.83,
- par-packer module 0.85,
- par-packer module 0.86,
- par-packer module 0.87,
- par-packer module 0.88,
- par-packer module 0.89,
- par-packer module 0.90,
- par-packer module 0.91,
- par-packer module 0.92,
- par-packer module 0.93,
- par-packer module 0.94,
- par-packer module 0.941,
- par-packer module 0.942,
- par-packer module 0.951,
- par-packer module 0.952,
- par-packer module 0.953,
- par-packer module 0.954,
- par-packer module 0.955,
- par-packer module 0.956,
- par-packer module 0.957,
- par-packer module 0.958,
- par-packer module 0.959,
- par-packer module 0.960,
- par-packer module 0.970,
- par-packer module 0.973,
- par-packer module 0.975,
- par-packer module 0.976,
- par-packer module 0.977,
- par-packer module 0.978,
- par-packer module 0.979,
- par-packer module 0.980,
- par-packer module 0.981,
- par-packer module 0.982,
- par-packer module 0.991,
- par-packer module 0.992 01,
- par-packer module 0.992 02,
- par-packer module 0.992 03,
- par-packer module 0.992 04,
- par-packer module 0.992 05,
- par-packer module 0.992 06,
- par-packer module 1.000,
- par-packer module 1.001,
- par-packer module 1.002,
- par-packer module 1.003,
- par-packer module 1.004,
- par-packer module 1.005,
- par-packer module 1.006,
- par-packer module 1.007,
- par-packer module 1.008,
- par-packer module 1.009,
- par-packer module 1.010
References
Advisory
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below: