[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-4411Date: (C)2010-12-06   (M)2023-12-22


Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
SECUNIA-43033
SECUNIA-43068
SECUNIA-43165
ADV-2011-0106
ADV-2011-0207
ADV-2011-0212
ADV-2011-0271
FEDORA-2011-0741
FEDORA-2011-0755
MDVSA-2011:008
SUSE-SR:2011:002
SUSE-SR:2011:005
http://openwall.com/lists/oss-security/2010/12/01/3
http://www.bugzilla.org/security/3.2.9/
https://bugzilla.mozilla.org/show_bug.cgi?id=591165

CPE    154
cpe:/a:andy_armstrong:cgi.pm:2.28
cpe:/a:andy_armstrong:cgi.pm:2.29
cpe:/a:andy_armstrong:cgi.pm:1.53
cpe:/a:andy_armstrong:cgi.pm:2.22
...
OVAL    4
oval:org.secpod.oval:def:300389
oval:org.secpod.oval:def:101208
oval:org.secpod.oval:def:101226
oval:org.secpod.oval:def:700486
...

© SecPod Technologies