Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2010-2761

Опубликовано: 06 дек. 2010
Источник: debian

Описание

The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
perlfixed5.10.1-17package
libcgi-pm-perlfixed3.50-1package
libcgi-pm-perlfixed3.38-2lenny2lennypackage
libcgi-pm-perlfixed3.49-1squeeze1squeezepackage
libcgi-simple-perlfixed1.111-2package
libcgi-simple-perlfixed1.105-1lenny1lennypackage
perlfixed5.10.0-19lenny3lennypackage

Связанные уязвимости

ubuntu логотип

CVE-2010-2761

ubuntu
больше 14 лет назад

The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172.

redhat логотип

CVE-2010-2761

redhat
больше 14 лет назад

The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172.

nvd логотип

CVE-2010-2761

nvd
больше 14 лет назад

The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172.

github логотип

GHSA-8x6h-gq6j-8x3j

github
около 3 лет назад

The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172.

oracle-oval логотип

ELSA-2011-1797

oracle-oval
больше 13 лет назад

ELSA-2011-1797: perl security update (MODERATE)