Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2012-5526
Deferred
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-21 Nov, 2012 | 23:55
Updated At-11 Apr, 2025 | 00:51

CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
CPE Matches
andy_armstrong
andy_armstrong
>>cgi.pm>>Versions up to 3.62(inclusive)
cpe:2.3:a:andy_armstrong:cgi.pm:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-16Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://cpansearch.perl.org/src/MARKSTOS/CGI.pm-3.63/Changessecalert@redhat.com
N/A
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705secalert@redhat.com
N/A
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735secalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2013-0685.htmlsecalert@redhat.com
N/A
http://secunia.com/advisories/51457secalert@redhat.com
N/A
http://secunia.com/advisories/55314secalert@redhat.com
N/A
http://www.debian.org/security/2012/dsa-2586secalert@redhat.com
N/A
http://www.openwall.com/lists/oss-security/2012/11/15/6secalert@redhat.com
N/A
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/56562secalert@redhat.com
N/A
http://www.securitytracker.com/id?1027780secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-1643-1secalert@redhat.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/80098secalert@redhat.com
N/A
https://github.com/markstos/CGI.pm/pull/23secalert@redhat.com
N/A
http://cpansearch.perl.org/src/MARKSTOS/CGI.pm-3.63/Changesaf854a3a-2127-422b-91ae-364da2661108
N/A
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705af854a3a-2127-422b-91ae-364da2661108
N/A
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735af854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2013-0685.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51457af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/55314af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2012/dsa-2586af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2012/11/15/6af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/56562af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id?1027780af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-1643-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/80098af854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/markstos/CGI.pm/pull/23af854a3a-2127-422b-91ae-364da2661108
N/A
Change History
0Changes found
Details not found