Description
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
Remediation
References
Related Vulnerabilities
Joomla Improper Input Validation Vulnerability (CVE-2015-8565)
WordPress Plugin iThemes Security (formerly Better WP Security) SQL Injection (7.0.2)
WordPress Plugin Simple Job Board Cross-Site Scripting (2.9.4)
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-28333)