VYPR

Suidperl

by Perl Foundation

CVEs (3)

  • CVE-2000-0703Oct 20, 2000
    risk 0.03cvss epss 0.01

    suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape…

  • CVE-1999-0034May 29, 1997
    risk 0.03cvss epss 0.01

    Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.

  • CVE-2003-0618May 4, 2004
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.