3 matches found
perl-CGI: Newline injection due to improper CRLF escaping in Set-Cookie and P3P headers
CGI.pm module before 3.63 for Perl does not properly escape newlines in 1 Set-Cookie or 2 P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm...
DEBIAN-CVE-2012-5526
CGI.pm module before 3.63 for Perl does not properly escape newlines in 1 Set-Cookie or 2 P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm...
UBUNTU-CVE-2012-5526
CGI.pm module before 3.63 for Perl does not properly escape newlines in 1 Set-Cookie or 2 P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm...