Safe.pm 2.24 and earlier, when used in Perl 5.10.0 and earlier, may allow
attackers to break out of the Safe compartment in (1) Safe::reval or (2) Safe::rdo
using implicitly called methods (such as DESTROY or AUTOLOAD) on implicitly
blessed Perl objects returned as a result of unsafe code evaluation. These
methods could have been executed without being restricted by Safe when such
objects were accessed or destroyed.
If a victim was tricked into running a specially crafted Perl script that uses
the Safe extension module, it could lead to a bypass of the intended Safe module
restrictions.
This is a different vulnerability than CVE-2010-1447.
Solution: Upgrade to Safe.pm v2.25 or higher.
References:
[1] http://search.cpan.org/~rgarcia/Safe-2.27/Safe.pm
Acknowledgements:
Red Hat would like to thank Tim Bunce for responsibly reporting this issue. Upstream acknowledges Nick Cleaton as the original reporter.
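To check a host against the Solution line above, the following added example (not part of the original advisory, and not Red Hat or upstream code) lists every Safe.pm copy on @INC, reads its version from the file text without loading the module, and flags copies older than 2.25. The version-line pattern is an assumption about how Safe.pm declares $VERSION; the script exits non-zero when a copy is outdated or unreadable.

```perl
#!/usr/bin/perl
# Added audit example (not from the advisory): list every Safe.pm on @INC
# and flag copies older than the fixed release named in the Solution line.
use strict;
use warnings;
use File::Spec;
use version;

my $FIXED    = version->parse('2.25');  # fixed Safe.pm release per the advisory
my $PERL_MAX = 5.010000;                # "Perl 5.10.0 and earlier" per the advisory

# Read $VERSION from the file text without loading the module.
# Assumes a line of the form: $VERSION = "x.yy" or $Safe::VERSION = 'x.yy'
sub safe_pm_version {
    my ($path) = @_;
    open my $fh, '<', $path or return;
    while (my $line = <$fh>) {
        last if $line =~ /^__END__/;
        next if $line =~ /^\s*#/;
        return $1
            if $line =~ /\$(?:Safe::)?VERSION\s*=\s*["']?(\d[\d._]*)/;
    }
    return;
}

my (%seen, $flagged);
for my $dir (grep { !ref } @INC) {      # skip code-ref hooks in @INC
    my $path = File::Spec->catfile($dir, 'Safe.pm');
    next unless -f $path && !$seen{$path}++;
    my $raw = safe_pm_version($path);
    if (!defined $raw) {
        print "UNKNOWN   $path (no \$VERSION found, inspect manually)\n";
        $flagged++;
        next;
    }
    (my $num = $raw) =~ tr/_//d;        # compare developer releases as plain numbers
    my $old = version->parse($num) < $FIXED;
    $flagged++ if $old;
    printf "%-9s %s (Safe %s)\n", $old ? 'OUTDATED' : 'ok', $path, $raw;
}

print "No Safe.pm found on \@INC\n" unless %seen;
printf "Running perl %vd: %s the Perl range named in the advisory\n",
    $^V, $] <= $PERL_MAX ? 'inside' : 'outside';
exit($flagged ? 1 : 0);
```

Run it with each perl binary installed on the host, since @INC and the Perl version check both describe the interpreter that executes the script.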