perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
2009-03-16T17:30:00.390
2025-04-09T00:30:58.490
Deferred
CVSSv2: 7.2 (HIGH)
AV:L/AC:L/Au:N/C:C/I:C/A:C
3.9
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | mandriva | multi_network_firewall | 2.0 | Yes |
| Operating System | mandriva | linux | 2008.0 | Yes |
| Operating System | mandriva | linux | 2008.0 | Yes |
| Operating System | mandriva | linux | 2008.1 | Yes |
| Operating System | mandriva | linux | 2008.1 | Yes |
| Operating System | mandriva | linux | 2009.0 | Yes |
| Operating System | mandriva | linux | 2009.0 | Yes |
| Operating System | mandriva | linux_corporate_server | 3.0 | Yes |
| Operating System | mandriva | linux_corporate_server | 3.0 | Yes |
| Operating System | mandriva | linux_corporate_server | 4.0 | Yes |
| Operating System | mandriva | linux_corporate_server | 4.0 | Yes |