Unrated severityNVD Advisory· Published Jun 23, 2008· Updated Apr 23, 2026

CVE-2008-2827

Description

The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.

Affected products

Perl Foundation/Perl
cpe:2.3:a:perl:perl:5.10:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.debian.org/cgi-bin/bugreport.cginvdExploit
rt.cpan.org/Public/Bug/Display.htmlnvdExploit
lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.htmlnvd
secunia.com/advisories/30790nvd
secunia.com/advisories/30837nvd
secunia.com/advisories/31687nvd
www.mandriva.com/security/advisoriesnvd
www.securityfocus.com/bid/29902nvd
www.securitytracker.com/idnvd
exchange.xforce.ibmcloud.com/vulnerabilities/43308nvd
www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000