CVE-2010-1168

NameCVE-2010-1168
DescriptionThe Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to "automagic methods."
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
Debian Bugs582978

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
perl (PTS)buster5.28.1-6+deb10u1fixed
bullseye5.32.1-4+deb11u2fixed
bullseye (security)5.32.1-4+deb11u1fixed
bookworm5.34.0-4fixed
sid5.34.0-5fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
perlsourcelenny5.10.0-19lenny3
perlsource(unstable)5.10.1-13582978

Search for package or bug name: Reporting problems