Lucene search

[email protected]NVD:CVE-2011-2201

HistorySep 14, 2011 - 4:05 p.m.

CVE-2011-2201

2011-09-1416:05:23

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.02

Percentile

89.0%

JSON

The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input.

Affected configurations

Nvd

Node

mark_stosbergdata\Match\formvalidator

mark_stosbergdata\Match\formvalidator1.3

mark_stosbergdata\Match\formvalidator1.4

mark_stosbergdata\Match\formvalidator1.5

mark_stosbergdata\Match\formvalidator1.5.1

mark_stosbergdata\Match\formvalidator1.6

mark_stosbergdata\Match\formvalidator1.7

mark_stosbergdata\Match\formvalidator1.8

mark_stosbergdata\Match\formvalidator1.9

mark_stosbergdata\Match\formvalidator1.10

mark_stosbergdata\Match\formvalidator1.11

mark_stosbergdata\Match\formvalidator1.91

mark_stosbergdata\Match\formvalidator1.92

mark_stosbergdata\Match\formvalidator1.93

mark_stosbergdata\Match\formvalidator2.00

mark_stosbergdata\Match\formvalidator2.01

mark_stosbergdata\Match\formvalidator2.02

mark_stosbergdata\Match\formvalidator2.03

mark_stosbergdata\Match\formvalidator2.04

mark_stosbergdata\Match\formvalidator2.10

mark_stosbergdata\Match\formvalidator2.11_01

mark_stosbergdata\Match\formvalidator2.11_02

mark_stosbergdata\Match\formvalidator2.11_03

mark_stosbergdata\Match\formvalidator2.11_04

mark_stosbergdata\Match\formvalidator3.00

mark_stosbergdata\Match\formvalidator3.01

mark_stosbergdata\Match\formvalidator3.10

mark_stosbergdata\Match\formvalidator3.11

mark_stosbergdata\Match\formvalidator3.12

mark_stosbergdata\Match\formvalidator3.13

mark_stosbergdata\Match\formvalidator3.14

mark_stosbergdata\Match\formvalidator3.15

mark_stosbergdata\Match\formvalidator3.49_1

mark_stosbergdata\Match\formvalidator3.50

mark_stosbergdata\Match\formvalidator3.51

mark_stosbergdata\Match\formvalidator3.52

mark_stosbergdata\Match\formvalidator3.53

mark_stosbergdata\Match\formvalidator3.54

mark_stosbergdata\Match\formvalidator3.55

mark_stosbergdata\Match\formvalidator3.56

mark_stosbergdata\Match\formvalidator3.57

mark_stosbergdata\Match\formvalidator3.58

mark_stosbergdata\Match\formvalidator3.59

mark_stosbergdata\Match\formvalidator3.60

mark_stosbergdata\Match\formvalidator3.61

mark_stosbergdata\Match\formvalidator3.62

mark_stosbergdata\Match\formvalidator3.63

mark_stosbergdata\Match\formvalidator4.00

mark_stosbergdata\Match\formvalidator4.01

mark_stosbergdata\Match\formvalidator4.02

mark_stosbergdata\Match\formvalidator4.10

mark_stosbergdata\Match\formvalidator4.11

mark_stosbergdata\Match\formvalidator4.12

mark_stosbergdata\Match\formvalidator4.13

mark_stosbergdata\Match\formvalidator4.14

mark_stosbergdata\Match\formvalidator4.20

mark_stosbergdata\Match\formvalidator4.30

mark_stosbergdata\Match\formvalidator4.40

mark_stosbergdata\Match\formvalidator4.49_01

mark_stosbergdata\Match\formvalidator4.50

mark_stosbergdata\Match\formvalidator4.51

mark_stosbergdata\Match\formvalidator4.52

mark_stosbergdata\Match\formvalidator4.53

mark_stosbergdata\Match\formvalidator4.54

mark_stosbergdata\Match\formvalidator4.55

mark_stosbergdata\Match\formvalidator4.56

mark_stosbergdata\Match\formvalidator4.57

mark_stosbergdata\Match\formvalidator4.60

mark_stosbergdata\Match\formvalidator4.61

mark_stosbergdata\Match\formvalidator4.62

mark_stosbergdata\Match\formvalidator4.63

mark_stosbergdata\Match\formvalidator4.65

AND

perlperl

VendorProductVersionCPE
mark_stosbergdata\cpe:2.3:a:mark_stosberg:data\:\:formvalidator:*:*:*:*:*:*:*:*
mark_stosbergdata\cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.3:*:*:*:*:*:*:*
mark_stosbergdata\cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.4:*:*:*:*:*:*:*
mark_stosbergdata\cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.5:*:*:*:*:*:*:*
mark_stosbergdata\cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.5.1:*:*:*:*:*:*:*
mark_stosbergdata\cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.6:*:*:*:*:*:*:*
mark_stosbergdata\cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.7:*:*:*:*:*:*:*
mark_stosbergdata\cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.8:*:*:*:*:*:*:*
mark_stosbergdata\cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.9:*:*:*:*:*:*:*
mark_stosbergdata\cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.10:*:*:*:*:*:*:*

Vendor	Product	CPE
mark_stosberg	data\	cpe:2.3:a:mark_stosberg:data\:\:formvalidator::::::::
mark_stosberg	data\	cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.3:::::::*
mark_stosberg	data\	cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.4:::::::*
mark_stosberg	data\	cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.5:::::::*
mark_stosberg	data\	cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.5.1:::::::*
mark_stosberg	data\	cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.6:::::::*
mark_stosberg	data\	cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.7:::::::*
mark_stosberg	data\	cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.8:::::::*
mark_stosberg	data\	cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.9:::::::*
mark_stosberg	data\	cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.10:::::::*