SUSE CVE-2010-4410

CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...

[SECURITY] Fedora 18 Update: perl-CGI-3.51-10.fc18

CGI.pm is a stable, complete and mature solution for processing and prepari ng HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string genera tion and manipulation, and processing and preparing HTTP headers. Some...

perl-CGI-Simple: - hardcoded MIME boundary value for multipart content, CVE-2010-4410 - CRLF injection allowing HTTP response splitting

The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

perl cgi.pm crossite scripting

Crossite scripting on startform function...