Lucene search

[email protected]CVE-2013-7329

HistoryOct 06, 2014 - 11:55 p.m.

CVE-2013-7329

2014-10-0623:55:06

CWE-200

[email protected]

web.nvd.nist.gov

cve-2013-7329

cgi::application

perl

remote attackers

sensitive information

web queries

environment details

nvd

6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.8%

JSON

The CGI::Application module before 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote attackers to obtain sensitive information (web queries and environment details) via vectors related to the dump_html function.

Affected configurations

NVD

Node

perlcgi_application_moduleRange≤4.50

CPENameOperatorVersion
perl:cgi_application_moduleperl cgi application modulele4.50

CPE	Name	Operator	Version
perl:cgi_application_module	perl cgi application module	le	4.50

References

lists.fedoraproject.org/pipermail/package-announce/2014-March/129436.html

lists.fedoraproject.org/pipermail/package-announce/2014-March/129444.html

openwall.com/lists/oss-security/2014/02/19/11

www.securityfocus.com/bid/65687

bugs.debian.org/cgi-bin/bugreport.cgi?bug=739505

bugzilla.redhat.com/show_bug.cgi?id=1067180

exchange.xforce.ibmcloud.com/vulnerabilities/91735

github.com/markstos/CGI--Application/pull/15

rt.cpan.org/Public/Bug/Display.html?id=84403

6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.8%

JSON

Related for CVE-2013-7329

nessus2 fedora2 mageia1 prion1 openvas5 cvelist1 nvd1 debiancve1 ubuntucve1 securityvulns1