Unrated severityNVD Advisory· Published Dec 16, 2005· Updated Apr 16, 2026

CVE-2005-4278

Description

Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.

Affected products

Larry Wall/Perl17 versions
cpe:2.3:a:larry_wall:perl:*:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:larry_wall:perl:*:*:*:*:*:*:*:*range: <=5.8.6
- cpe:2.3:a:larry_wall:perl:5.3:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.gentoo.org/security/en/glsa/glsa-200510-14.xmlnvdPatch
www.securityfocus.com/bid/15120nvdPatch
secunia.com/advisories/17232nvdVendor Advisory
secunia.com/advisories/55314nvd
www.osvdb.org/20086nvd
www.vupen.com/english/advisories/2005/2119nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000