mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
133 lines
4.5 KiB
JSON
133 lines
4.5 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2011-1487",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "[oss-security] 20110401 CVE Request -- perl -- lc(), uc() routines are laundering tainted data",
|
|
"refsource" : "MLIST",
|
|
"url" : "http://openwall.com/lists/oss-security/2011/04/01/3"
|
|
},
|
|
{
|
|
"name" : "[oss-security] 20110404 Re: CVE Request -- perl -- lc(), uc() routines are laundering tainted data",
|
|
"refsource" : "MLIST",
|
|
"url" : "http://openwall.com/lists/oss-security/2011/04/04/35"
|
|
},
|
|
{
|
|
"name" : "http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99"
|
|
},
|
|
{
|
|
"name" : "http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336"
|
|
},
|
|
{
|
|
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=692844",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=692844"
|
|
},
|
|
{
|
|
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=692898",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=692898"
|
|
},
|
|
{
|
|
"name" : "DSA-2265",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2011/dsa-2265"
|
|
},
|
|
{
|
|
"name" : "FEDORA-2011-4610",
|
|
"refsource" : "FEDORA",
|
|
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057891.html"
|
|
},
|
|
{
|
|
"name" : "FEDORA-2011-4631",
|
|
"refsource" : "FEDORA",
|
|
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057971.html"
|
|
},
|
|
{
|
|
"name" : "MDVSA-2011:091",
|
|
"refsource" : "MANDRIVA",
|
|
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:091"
|
|
},
|
|
{
|
|
"name" : "SUSE-SR:2011:009",
|
|
"refsource" : "SUSE",
|
|
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
|
|
},
|
|
{
|
|
"name" : "47124",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/47124"
|
|
},
|
|
{
|
|
"name" : "43921",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/43921"
|
|
},
|
|
{
|
|
"name" : "44168",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/44168"
|
|
},
|
|
{
|
|
"name" : "perl-laundering-security-bypass(66528)",
|
|
"refsource" : "XF",
|
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66528"
|
|
}
|
|
]
|
|
}
|
|
}
|