Lucene search

PRIOn knowledge basePRION:CVE-2013-7329

HistoryOct 06, 2014 - 11:55 p.m.

Design/Logic Flaw

2014-10-0623:55:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.9%

JSON

The CGI::Application module before 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote attackers to obtain sensitive information (web queries and environment details) via vectors related to the dump_html function.

CPENameOperatorVersion
cgi_application_modulele4.50

CPE	Name	Operator	Version
	cgi_application_module	le	4.50

References

openwall.com/lists/oss-security/2014/02/19/11

www.securityfocus.com/bid/65687

bugs.debian.org/cgi-bin/bugreport.cgi?bug=739505

bugzilla.redhat.com/show_bug.cgi?id=1067180

exchange.xforce.ibmcloud.com/vulnerabilities/91735

github.com/markstos/CGI--Application/pull/15

lists.fedoraproject.org/pipermail/package-announce/2014-March/129436.html

lists.fedoraproject.org/pipermail/package-announce/2014-March/129444.html

rt.cpan.org/Public/Bug/Display.html?id=84403

6.6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.9%

JSON

Related for PRION:CVE-2013-7329