perl is vulnerable to privilege escalation. The vulnerability exists as it was found that certain Perl string manipulation functions (such as uc() and lc()) failed to preserve the taint bit. A remote attacker could use this flaw to bypass the Perl taint mode protection mechanism in scripts that use the affected functions to process tainted input.
cpansearch.perl.org/src/MARKSTOS/CGI.pm-3.51/Changes
lists.fedoraproject.org/pipermail/package-announce/2011-April/057891.html
lists.fedoraproject.org/pipermail/package-announce/2011-April/057971.html
lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
openwall.com/lists/oss-security/2011/04/01/3
openwall.com/lists/oss-security/2011/04/04/35
perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99
rt.perl.org/rt3/Public/Bug/Display.html?id=87336
secunia.com/advisories/43921
secunia.com/advisories/44168
www.debian.org/security/2011/dsa-2265
www.mandriva.com/security/advisories?name=MDVSA-2011:091
www.securityfocus.com/bid/47124
access.redhat.com/errata/RHSA-2011:0558
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=692844
bugzilla.redhat.com/show_bug.cgi?id=692898
exchange.xforce.ibmcloud.com/vulnerabilities/66528