Main Vulnerability Database Exploits ID:4328 - Exploit for Permissions, Privileges, and Access Controls in Perl - CVE-2011-1487

ID:4328 - Exploit for Permissions, Privileges, and Access Controls in Perl - CVE-2011-1487

Published: August 11, 2020

Vulnerability identifier: #VU45133

Vulnerability risk: Medium

CVE-ID: CVE-2011-1487

CWE-ID: CWE-264

Exploitation vector: Remote access

Vulnerable software:
Perl

Link to public exploit:

https://www.exploit-db.com/exploits/35554/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

Remediation

Install update from vendor's website.

ID:4328 - Exploit for Permissions, Privileges, and Access Controls in Perl - CVE-2011-1487

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human