Description
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
Remediation
References
Related Vulnerabilities
WordPress Plugin Admin Custom Login Cross-Site Request Forgery (3.2.7)
WordPress Plugin File Manager Unspecified Vulnerability (4.1.4)
WordPress Plugin Chained Quiz SQL Injection (1.0.8)
WordPress Plugin Loco Translate Local File Inclusion (2.2.1)
WordPress Plugin KNR Author List Widget 'listItem[]' Parameter SQL Injection (2.0.0)