MDVSA-2011:091 -- Mandriva perlID: oval:org.secpod.oval:def:301020 | Date: (C)2012-01-07 (M)2021-09-11 |
Class: PATCH | Family: unix |
A vulnerability has been found and corrected in perl: The lc, lcfirst, uc, and ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string . Packages for 2009.0 are provided as of the Extended Maintenance Program
Platform: |
Mandriva Linux 2010.1 |
Mandriva Linux 2009.0 |