Description
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.
Remediation
References
Related Vulnerabilities
Envoy Proxy Incomplete Cleanup Vulnerability (CVE-2023-35945)
WordPress Plugin Ultimate Responsive Image Slider Unspecified Vulnerability (3.3.2)
Magento Cryptographic Issues Vulnerability (CVE-2019-7886)
Opencart Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-40834)
WordPress Plugin OdiHost Newsletter 'openstat.php' SQL Injection (1.0)