Lucene search
+L

63 matches found

OpenVAS
OpenVAS
added 2014/04/03 12:0 a.m.17 views

openSUSE: Security Advisory for perl-HTTP-Body (openSUSE-SU-2014:0433-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS5.2AI score0.02877EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/03/25 10:4 a.m.31 views

perl-HTTP-Body: update to 1.19 release with security fixes (important)

perl-HTTP-Body was updated to 1.19 and also received a security fix for a potential remote code injection when upload files...

6.8CVSS2.2AI score0.02877EPSS
Exploits0References1
securityvulns
securityvulns
added 2013/11/26 12:0 a.m.66 views

[SECURITY] [DSA 2801-1] libhttp-body-perl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2801-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 21, 2013 http://www.debian.org/security/faq -...

6.8CVSS1.6AI score0.02877EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/11/26 12:0 a.m.21 views

Mandriva Linux Security Advisory : perl-HTTP-Body (MDVSA-2013:282)

Updated perl-HTTP-Body package fixes security vulnerability : Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to...

6.8CVSS5.7AI score0.02877EPSS
Exploits0References2
NVD
NVD
added 2013/11/23 6:55 p.m.16 views

CVE-2013-4407

HTTP::Body::Multipart in the HTTP-Body module for Perl 1.07 through 1.22, before 1.23 uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may...

6.8CVSS6.4AI score0.02877EPSS
Exploits0References8
OSV
OSV
added 2013/11/23 6:55 p.m.9 views

CVE-2013-4407

HTTP::Body::Multipart in the HTTP-Body module for Perl 1.07 through 1.22, before 1.23 uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may...

6.3AI score
Exploits0References8
OSV
OSV
added 2013/11/23 6:55 p.m.5 views

ALPINE-CVE-2013-4407

HTTP::Body::Multipart in the HTTP-Body module for Perl 1.07 through 1.22, before 1.23 uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may...

6.8CVSS6.8AI score0.02877EPSS
Exploits0References1
OSV
OSV
added 2013/11/23 6:55 p.m.2 views

DEBIAN-CVE-2013-4407

HTTP::Body::Multipart in the HTTP-Body module for Perl 1.07 through 1.22, before 1.23 uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may...

6.8CVSS6.8AI score0.02877EPSS
Exploits0References1
Prion
Prion
added 2013/11/23 6:55 p.m.12 views

Design/Logic Flaw

HTTP::Body::Multipart in the HTTP-Body 1.08, 1.17, and earlier module for Perl uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may assume...

6.8CVSS6.9AI score0.02877EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2013/11/23 6:55 p.m.23 views

CVE-2013-4407

HTTP::Body::Multipart in the HTTP-Body module for Perl 1.07 through 1.22, before 1.23 uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may...

6.8CVSS5.9AI score0.02877EPSS
Exploits0References1
CVE
CVE
added 2013/11/23 12:0 a.m.137 views

CVE-2013-4407

CVE-2013-4407 affects Perl’s HTTP::Body::Multipart in the HTTP-Body module. Vulnerable: Perl HTTP-Body versions 1.07–1.22 (before 1.23) where the code uses the part of the uploaded file name after the first dot as the suffix of a temporary file, which may be misinterpreted by downstream logic tha...

6.8CVSS6.3AI score0.02877EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2013/11/23 12:0 a.m.57 views

CVE-2013-4407

HTTP::Body::Multipart in the HTTP-Body module for Perl 1.07 through 1.22, before 1.23 uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may...

6.8CVSS6.4AI score0.02877EPSS
Exploits0
Cvelist
Cvelist
added 2013/11/23 12:0 a.m.21 views

CVE-2013-4407

HTTP::Body::Multipart in the HTTP-Body module for Perl 1.07 through 1.22, before 1.23 uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may...

6.2AI score0.02877EPSS
Exploits0References8
AlpineLinux
AlpineLinux
added 2013/11/23 12:0 a.m.57 views

CVE-2013-4407

HTTP::Body::Multipart in the HTTP-Body module for Perl 1.07 through 1.22, before 1.23 uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may...

6.8CVSS6.4AI score0.02877EPSS
Exploits0
Mageia
Mageia
added 2013/11/22 7:20 p.m.26 views

Updated perl-HTTP-Body packages fix CVE-2013-4407

Updated perl-HTTP-Body package fixes security vulnerability: Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to...

6.8CVSS0.2AI score0.02877EPSS
Exploits0References2
OSV
OSV
added 2013/11/22 7:20 p.m.9 views

MGASA-2013-0352 Updated perl-HTTP-Body packages fix CVE-2013-4407

Updated perl-HTTP-Body package fixes security vulnerability: Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to...

6.8CVSS6.6AI score0.02877EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2013/11/22 10:52 a.m.9 views

Debian Patches Flaws in Nginx, Perl Module

Debian has released patches for a pair of security vulnerabilities in the free operating system, including a security bypass flaw in the Nginx Web server. The other vulnerability lies in a Perl module used in the OS. The vulnerability in the HTTP: :Body Perl module could allow an attacker to run...

1.2AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/11/22 12:0 a.m.28 views

Debian DSA-2801-1 : libhttp-body-perl - design error

Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to upload files to a service that uses HTTP::Body::Multipart cou...

6.8CVSS5.7AI score0.02877EPSS
Exploits0References4
Debian
Debian
added 2013/11/21 8:35 p.m.70 views

[SECURITY] [DSA 2801-1] libhttp-body-perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2801-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 21, 2013 http://www.debian.org/security/faq -...

6.8CVSS1.7AI score0.02877EPSS
Exploits0
Debian
Debian
added 2013/11/21 8:35 p.m.56 views

[SECURITY] [DSA 2801-1] libhttp-body-perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2801-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 21, 2013 http://www.debian.org/security/faq -...

6.8CVSS6AI score0.02877EPSS
Exploits0
Rows per page
Query Builder