mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-28 09:12:00 +00:00
132 lines
4.9 KiB
JSON
132 lines
4.9 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"ID": "CVE-2011-1487",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=692844",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=692844"
|
|
},
|
|
{
|
|
"name": "SUSE-SR:2011:009",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
|
|
},
|
|
{
|
|
"name": "FEDORA-2011-4610",
|
|
"refsource": "FEDORA",
|
|
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057891.html"
|
|
},
|
|
{
|
|
"name": "44168",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/44168"
|
|
},
|
|
{
|
|
"name": "43921",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/43921"
|
|
},
|
|
{
|
|
"name": "DSA-2265",
|
|
"refsource": "DEBIAN",
|
|
"url": "http://www.debian.org/security/2011/dsa-2265"
|
|
},
|
|
{
|
|
"name": "FEDORA-2011-4631",
|
|
"refsource": "FEDORA",
|
|
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057971.html"
|
|
},
|
|
{
|
|
"name": "http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336"
|
|
},
|
|
{
|
|
"name": "47124",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/47124"
|
|
},
|
|
{
|
|
"name": "[oss-security] 20110404 Re: CVE Request -- perl -- lc(), uc() routines are laundering tainted data",
|
|
"refsource": "MLIST",
|
|
"url": "http://openwall.com/lists/oss-security/2011/04/04/35"
|
|
},
|
|
{
|
|
"name": "http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99"
|
|
},
|
|
{
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=692898",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=692898"
|
|
},
|
|
{
|
|
"name": "MDVSA-2011:091",
|
|
"refsource": "MANDRIVA",
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:091"
|
|
},
|
|
{
|
|
"name": "perl-laundering-security-bypass(66528)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66528"
|
|
},
|
|
{
|
|
"name": "[oss-security] 20110401 CVE Request -- perl -- lc(), uc() routines are laundering tainted data",
|
|
"refsource": "MLIST",
|
|
"url": "http://openwall.com/lists/oss-security/2011/04/01/3"
|
|
}
|
|
]
|
|
}
|
|
} |