Unrated severityNVD Advisory· Published Oct 6, 2014· Updated May 6, 2026
CVE-2014-1875
CVE-2014-1875
Description
The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file.
Affected products
4cpe:2.3:a:cspan:capture-tiny:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:cspan:capture-tiny:*:*:*:*:*:*:*:*range: <=0.23
- cpe:2.3:a:cspan:capture-tiny:0.20:*:*:*:*:*:*:*
- cpe:2.3:a:cspan:capture-tiny:0.21:*:*:*:*:*:*:*
- cpe:2.3:a:cspan:capture-tiny:0.22:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- seclists.org/oss-sec/2014/q1/267nvdExploit
- bugs.debian.org/cgi-bin/bugreport.cginvdExploit
- github.com/dagolden/Capture-Tiny/issues/16nvdExploit
- cpansearch.perl.org/src/DAGOLDEN/Capture-Tiny-0.24/Changesnvd
- lists.fedoraproject.org/pipermail/package-announce/2014-February/128823.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2014-February/128882.htmlnvd
- osvdb.org/102963nvd
- seclists.org/oss-sec/2014/q1/272nvd
- secunia.com/advisories/56823nvd
- www.securityfocus.com/bid/65475nvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/91464nvd
- github.com/dagolden/Capture-Tiny/commit/635c9eabd52ab8042b0c841823bd6e692de87924nvd
News mentions
0No linked articles in our index yet.