FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2010-4411

This CVE name corresponds to:

Entered Topic
2011-01-25 bugzilla -- multiple serious vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2010-4411 at cve.mitre.org

Details

Type Candidate
Name CVE-2010-4411
Phase Assigned(20101206)

Description

Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.

References

Source Reference
MLIST [oss-security] 20101201 Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part)
CONFIRM http://www.bugzilla.org/security/3.2.9/
CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=591165
FEDORA FEDORA-2011-0741
FEDORA FEDORA-2011-0755
MANDRIVA MDVSA-2011:008
SUSE SUSE-SR:2011:002
SUSE SUSE-SR:2011:005
SECUNIA 43033
SECUNIA 43068
SECUNIA 43165
VUPEN ADV-2011-0106
VUPEN ADV-2011-0207
VUPEN ADV-2011-0212
VUPEN ADV-2011-0271

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.