cbcvebase.
CVE-2004-0452
published 2004-12-21

CVE-2004-0452: Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to…

PriorityP410low2.6CVSS 2.0
AVLACHAuNCNIPAP
EPSS
0.41%
32.4th percentile
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack.

Affected

27 ranges· showing 25
VendorProductVersion rangeFixed in
debianperl< perl 5.10.0-18 (bookworm)perl 5.10.0-18 (bookworm)
debianperl< perl 5.8.4-7 (bookworm)perl 5.8.4-7 (bookworm)
debianperl< perl 5.10.0-11 (bookworm)perl 5.10.0-11 (bookworm)
debianperl< perl 5.8.4-5 (bookworm)perl 5.8.4-5 (bookworm)
larry_wallperl
larry_wallperl
larry_wallperl
larry_wallperl
larry_wallperl
perlfile
perlperl
perlperl>= 0 < 5.10.0-185.10.0-18
perlperl>= 0 < 5.8.4-75.8.4-7
perlperl>= 0 < 5.8.4-55.8.4-5
perlperl>= 0 < 5.10.0-115.10.0-11
perlperl>= 0 < 5.10.0-185.10.0-18
perlperl>= 0 < 5.8.4-75.8.4-7
perlperl>= 0 < 5.8.4-55.8.4-5
perlperl>= 0 < 5.10.0-115.10.0-11
perlperl>= 0 < 5.10.0-185.10.0-18
perlperl>= 0 < 5.8.4-75.8.4-7
perlperl>= 0 < 5.8.4-55.8.4-5
perlperl>= 0 < 5.10.0-115.10.0-11
perlperl>= 0 < 5.10.0-185.10.0-18
perlperl>= 0 < 5.8.4-75.8.4-7

CVSS provenance

nvdv2.02.6LOWAV:L/AC:H/Au:N/C:N/I:P/A:P
osv2.6LOW
vendor_debian2.6LOW
vendor_redhat2.6LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.