Unrated severityNVD Advisory· Published Jan 13, 2012· Updated Jun 16, 2026
CVE-2011-4114
CVE-2011-4114
Description
The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program. NOTE: a similar vulnerability was reported for PAR, but this has been assigned a different CVE identifier.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
74cpe:2.3:a:roderich_schupp:par-packer_module:*:*:*:*:*:*:*:*+ 71 more
- cpe:2.3:a:roderich_schupp:par-packer_module:*:*:*:*:*:*:*:*range: <=1.011
- cpe:2.3:a:roderich_schupp:par-packer_module:0.63:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.64:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.65:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.66:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.67:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.68:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.69:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.70:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.71:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.72:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.73:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.74:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.75:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.76:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.77:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.78:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.79:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.80:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.81:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.82:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.83:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.85:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.86:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.87:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.88:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.89:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.90:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.91:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.92:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.93:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.94:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.941:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.942:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.951:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.952:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.953:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.954:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.955:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.956:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.957:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.958:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.959:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.960:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.970:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.973:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.975:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.976:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.977:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.978:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.979:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.980:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.981:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.982:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.991:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.992_01:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.992_02:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.992_03:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.992_04:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.992_05:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:0.992_06:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:1.000:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:1.001:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:1.002:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:1.003:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:1.004:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:1.005:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:1.006:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:1.007:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:1.008:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:1.009:*:*:*:*:*:*:*
- cpe:2.3:a:roderich_schupp:par-packer_module:1.010:*:*:*:*:*:*:*
- Range: <1.012
Patches
Vulnerability mechanics
References
6- lists.fedoraproject.org/pipermail/package-announce/2011-December/071099.htmlnvdPatch
- bugzilla.redhat.com/show_bug.cginvdPatch
- lists.fedoraproject.org/pipermail/package-announce/2011-December/071091.htmlnvd
- www.openwall.com/lists/oss-security/2011/11/04/2nvd
- www.openwall.com/lists/oss-security/2011/11/04/4nvd
- rt.cpan.org/Public/Bug/Display.htmlnvd
News mentions
0No linked articles in our index yet.