Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2013-0183
HistoryJun 26, 2013 - 10:11 p.m.

Updated perl-Dancer package fixes CVE-2012-5572

2013-06-2622:11:16
Gentoo Foundation
advisories.mageia.org
18

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

77.6%

JSON

A security flaw was found in the way Dancer.pm, lightweight yet powerful web application framework / Perl language module, performed sanitization of values to be used for cookie() and cookies() methods. A remote attacker could use this flaw to inject arbitrary headers into responses from (Perl) applications, that use Dancer.pm (CVE-2012-5572).

OSVersionArchitecturePackageVersionFilename
Mageia2noarchperl-dancer< 1.311.500-1perl-Dancer-1.311.500-1.mga2
Mageia3noarchperl-dancer< 1.311.500-1perl-Dancer-1.311.500-1.mga3

Related

nessus 4
openvas 5
fedora 3
securityvulns 2
cvelist 1
nvd 1
prion 1
cve 1
ubuntucve 1
debiancve 1
nessus
nessus
Fedora 17 : perl-Dancer-1.3093-3.fc17 (2013-9961)
2013-07-12 00:00:00
Fedora 19 : perl-Dancer-1.3111-3.fc19 (2013-9918)
2013-07-12 00:00:00
Mandriva Linux Security Advisory : perl-Dancer (MDVSA-2013:184)
2013-06-28 00:00:00
openvas
openvas
Fedora Update for perl-Dancer FEDORA-2013-9961
2013-06-18 00:00:00
Fedora Update for perl-Dancer FEDORA-2013-9961
2013-06-18 00:00:00
Fedora Update for perl-Dancer FEDORA-2013-9950
2013-06-18 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: perl-Dancer-1.3093-3.fc17
2013-06-13 05:56:40
[SECURITY] Fedora 19 Update: perl-Dancer-1.3111-3.fc19
2013-06-12 03:36:47
[SECURITY] Fedora 18 Update: perl-Dancer-1.3100-3.fc18
2013-06-13 05:58:24
securityvulns
securityvulns
perl-Dancer headers injection
2013-07-08 00:00:00
[ MDVSA-2013:184 ] perl-Dancer
2013-07-08 00:00:00
cvelist
cvelist
CVE-2012-5572
2014-05-30 14:00:00
nvd
nvd
CVE-2012-5572
2014-05-30 14:55:06
prion
prion
Crlf injection
2014-05-30 14:55:00
cve
cve
CVE-2012-5572
2014-05-30 14:55:06
ubuntucve
ubuntucve
CVE-2012-5572
2014-05-30 00:00:00
debiancve
debiancve
CVE-2012-5572
2014-05-30 14:55:06

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

77.6%

JSON
Related for MGASA-2013-0183
nessus4openvas5fedora3securityvulns2cvelist1nvd1prion1cve1ubuntucve1debiancve1