CVE-2011-2767

CVE-2011-2767 affects mod_perl 2.0 through 2.0.10. Root cause: there is no configuration option that permits Perl code for admin control of HTTP request processing without also letting unprivileged users run Perl in the Apache process context. Impact: attackers can execute arbitrary Perl code by ...

CVE-2007-1349

CVE-2007-1349 is referenced in connected documents as affecting Solaris/SunOS patches for Apache 1.3 on SPARC/x86 (patches 122911-32 through 122911-37). The initial description attributes the flaw to PerlRun.pm in Apache mod_perl 1.30 and RegistryCooker.pm in mod_perl 2.x, which fail to properly ...

CVE-2009-0796

CVE-2009-0796 describes a cross-site scripting (XSS) vulnerability in Status.pm for Apache::Status and Apache2::Status within mod_perl1 and mod_perl2 on the Apache HTTP Server. The issue occurs when /perl-status is accessible, enabling remote attackers to inject arbitrary web script or HTML via t...