Wind River Support Network

HomeDefectsLIN7-9884
Fixed

LIN7-9884 : Security Advisory - perl - CVE-2018-12015

Created: Jun 15, 2018    Updated: Sep 13, 2018
Resolved Date: Jun 21, 2018
Found In Version: 7.0.0.28
Fix Version: 7.0.0.29
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

https://nvd.nist.gov/vuln/detail/CVE-2018-12015

Other Downloads

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube