
CVE ID: CVE-2012-6329
Description: The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6.
Test IDs: 1.3.6.1.4.1.25623.1.0.803162 1.3.6.1.4.1.25623.1.0.865275 1.3.6.1.4.1.25623.1.0.803339 1.3.6.1.4.1.25623.1.0.865373 1.3.6.1.4.1.25623.1.0.841704 1.3.6.1.4.1.25623.1.0.121275 1.3.6.1.4.1.25623.1.0.123654
Cross References:
Common Vulnerability Exposure (CVE) ID: CVE-2012-6329
BugTraq ID: 56950
http://www.securityfocus.com/bid/56950
http://www.mandriva.com/security/advisories?name=MDVSA-2013:113
https://bugzilla.redhat.com/show_bug.cgi?id=884354
http://sourceforge.net/mailarchive/message.php?msg_id=30219695
http://openwall.com/lists/oss-security/2012/12/11/4
http://code.activestate.com/lists/perl5-porters/187763/
http://code.activestate.com/lists/perl5-porters/187746/
RedHat Security Advisories: RHSA-2013:0685
http://rhn.redhat.com/errata/RHSA-2013-0685.html
http://www.ubuntu.com/usn/USN-2099-1




© 1998-2024 E-Soft Inc. All rights reserved.