VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-4411
cgi.pm: Unspecified vulnerability in CGI.pm 3.50 and earlie...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4411

Original

Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-12-06
Source Information Category:
Advisory, Alert
Last Updated:
2010-12-07




Affected Product Tags
cpe:/a:cgi.pm:cgi.pm:1.4
cpe:/a:cgi.pm:cgi.pm:1.42
cpe:/a:cgi.pm:cgi.pm:1.43
cpe:/a:cgi.pm:cgi.pm:1.44
cpe:/a:cgi.pm:cgi.pm:1.45
cpe:/a:cgi.pm:cgi.pm:1.50
cpe:/a:cgi.pm:cgi.pm:1.51
cpe:/a:cgi.pm:cgi.pm:1.52
cpe:/a:cgi.pm:cgi.pm:1.53
cpe:/a:cgi.pm:cgi.pm:1.54
cpe:/a:cgi.pm:cgi.pm:1.55
cpe:/a:cgi.pm:cgi.pm:1.56
cpe:/a:cgi.pm:cgi.pm:1.57
cpe:/a:cgi.pm:cgi.pm:2.0
cpe:/a:cgi.pm:cgi.pm:2.01
cpe:/a:cgi.pm:cgi.pm:2.13
cpe:/a:cgi.pm:cgi.pm:2.14
cpe:/a:cgi.pm:cgi.pm:2.15
cpe:/a:cgi.pm:cgi.pm:2.16
cpe:/a:cgi.pm:cgi.pm:2.17
cpe:/a:cgi.pm:cgi.pm:2.18
cpe:/a:cgi.pm:cgi.pm:2.19
cpe:/a:cgi.pm:cgi.pm:2.20
cpe:/a:cgi.pm:cgi.pm:2.21
cpe:/a:cgi.pm:cgi.pm:2.22
cpe:/a:cgi.pm:cgi.pm:2.23
cpe:/a:cgi.pm:cgi.pm:2.24
cpe:/a:cgi.pm:cgi.pm:2.25
cpe:/a:cgi.pm:cgi.pm:2.26
cpe:/a:cgi.pm:cgi.pm:2.27
cpe:/a:cgi.pm:cgi.pm:2.28
cpe:/a:cgi.pm:cgi.pm:2.29
cpe:/a:cgi.pm:cgi.pm:2.30
cpe:/a:cgi.pm:cgi.pm:2.31
cpe:/a:cgi.pm:cgi.pm:2.32
cpe:/a:cgi.pm:cgi.pm:2.33
cpe:/a:cgi.pm:cgi.pm:2.34
cpe:/a:cgi.pm:cgi.pm:2.35
cpe:/a:cgi.pm:cgi.pm:2.36
cpe:/a:cgi.pm:cgi.pm:2.37
cpe:/a:cgi.pm:cgi.pm:2.38
cpe:/a:cgi.pm:cgi.pm:2.39
cpe:/a:cgi.pm:cgi.pm:2.40
cpe:/a:cgi.pm:cgi.pm:2.41
cpe:/a:cgi.pm:cgi.pm:2.42
cpe:/a:cgi.pm:cgi.pm:2.43
cpe:/a:cgi.pm:cgi.pm:2.44
cpe:/a:cgi.pm:cgi.pm:2.45
cpe:/a:cgi.pm:cgi.pm:2.46
cpe:/a:cgi.pm:cgi.pm:2.47
cpe:/a:cgi.pm:cgi.pm:2.48
cpe:/a:cgi.pm:cgi.pm:2.49
cpe:/a:cgi.pm:cgi.pm:2.50
cpe:/a:cgi.pm:cgi.pm:2.51
cpe:/a:cgi.pm:cgi.pm:2.52
cpe:/a:cgi.pm:cgi.pm:2.53
cpe:/a:cgi.pm:cgi.pm:2.54
cpe:/a:cgi.pm:cgi.pm:2.55
cpe:/a:cgi.pm:cgi.pm:2.56
cpe:/a:cgi.pm:cgi.pm:2.57
cpe:/a:cgi.pm:cgi.pm:2.58
cpe:/a:cgi.pm:cgi.pm:2.59
cpe:/a:cgi.pm:cgi.pm:2.60
cpe:/a:cgi.pm:cgi.pm:2.61
cpe:/a:cgi.pm:cgi.pm:2.62
cpe:/a:cgi.pm:cgi.pm:2.63
cpe:/a:cgi.pm:cgi.pm:2.64
cpe:/a:cgi.pm:cgi.pm:2.65
cpe:/a:cgi.pm:cgi.pm:2.66
cpe:/a:cgi.pm:cgi.pm:2.67
cpe:/a:cgi.pm:cgi.pm:2.68
cpe:/a:cgi.pm:cgi.pm:2.69
cpe:/a:cgi.pm:cgi.pm:2.70
cpe:/a:cgi.pm:cgi.pm:2.71
cpe:/a:cgi.pm:cgi.pm:2.72
cpe:/a:cgi.pm:cgi.pm:2.73
cpe:/a:cgi.pm:cgi.pm:2.74
cpe:/a:cgi.pm:cgi.pm:2.75
cpe:/a:cgi.pm:cgi.pm:2.751
cpe:/a:cgi.pm:cgi.pm:2.752
cpe:/a:cgi.pm:cgi.pm:2.753
cpe:/a:cgi.pm:cgi.pm:2.76
cpe:/a:cgi.pm:cgi.pm:2.77
cpe:/a:cgi.pm:cgi.pm:2.78
cpe:/a:cgi.pm:cgi.pm:2.79
cpe:/a:cgi.pm:cgi.pm:2.80
cpe:/a:cgi.pm:cgi.pm:2.81
cpe:/a:cgi.pm:cgi.pm:2.82
cpe:/a:cgi.pm:cgi.pm:2.83
cpe:/a:cgi.pm:cgi.pm:2.84
cpe:/a:cgi.pm:cgi.pm:2.85
cpe:/a:cgi.pm:cgi.pm:2.86
cpe:/a:cgi.pm:cgi.pm:2.87
cpe:/a:cgi.pm:cgi.pm:2.88
cpe:/a:cgi.pm:cgi.pm:2.89
cpe:/a:cgi.pm:cgi.pm:2.90
cpe:/a:cgi.pm:cgi.pm:2.91
cpe:/a:cgi.pm:cgi.pm:2.92
cpe:/a:cgi.pm:cgi.pm:2.93
cpe:/a:cgi.pm:cgi.pm:2.94
cpe:/a:cgi.pm:cgi.pm:2.95
cpe:/a:cgi.pm:cgi.pm:2.96
cpe:/a:cgi.pm:cgi.pm:2.97
cpe:/a:cgi.pm:cgi.pm:2.98
cpe:/a:cgi.pm:cgi.pm:2.99
cpe:/a:cgi.pm:cgi.pm:3.00
cpe:/a:cgi.pm:cgi.pm:3.01
cpe:/a:cgi.pm:cgi.pm:3.02
cpe:/a:cgi.pm:cgi.pm:3.03
cpe:/a:cgi.pm:cgi.pm:3.04
cpe:/a:cgi.pm:cgi.pm:3.05
cpe:/a:cgi.pm:cgi.pm:3.06
cpe:/a:cgi.pm:cgi.pm:3.07
cpe:/a:cgi.pm:cgi.pm:3.08
cpe:/a:cgi.pm:cgi.pm:3.09
cpe:/a:cgi.pm:cgi.pm:3.10
cpe:/a:cgi.pm:cgi.pm:3.11
cpe:/a:cgi.pm:cgi.pm:3.12
cpe:/a:cgi.pm:cgi.pm:3.13
cpe:/a:cgi.pm:cgi.pm:3.14
cpe:/a:cgi.pm:cgi.pm:3.15
cpe:/a:cgi.pm:cgi.pm:3.16
cpe:/a:cgi.pm:cgi.pm:3.17
cpe:/a:cgi.pm:cgi.pm:3.18
cpe:/a:cgi.pm:cgi.pm:3.19
cpe:/a:cgi.pm:cgi.pm:3.20
cpe:/a:cgi.pm:cgi.pm:3.21
cpe:/a:cgi.pm:cgi.pm:3.22
cpe:/a:cgi.pm:cgi.pm:3.23
cpe:/a:cgi.pm:cgi.pm:3.24
cpe:/a:cgi.pm:cgi.pm:3.25
cpe:/a:cgi.pm:cgi.pm:3.26
cpe:/a:cgi.pm:cgi.pm:3.27
cpe:/a:cgi.pm:cgi.pm:3.28
cpe:/a:cgi.pm:cgi.pm:3.29
cpe:/a:cgi.pm:cgi.pm:3.30
cpe:/a:cgi.pm:cgi.pm:3.31
cpe:/a:cgi.pm:cgi.pm:3.32
cpe:/a:cgi.pm:cgi.pm:3.33
cpe:/a:cgi.pm:cgi.pm:3.34
cpe:/a:cgi.pm:cgi.pm:3.35
cpe:/a:cgi.pm:cgi.pm:3.36
cpe:/a:cgi.pm:cgi.pm:3.37
cpe:/a:cgi.pm:cgi.pm:3.38
cpe:/a:cgi.pm:cgi.pm:3.39
cpe:/a:cgi.pm:cgi.pm:3.40
cpe:/a:cgi.pm:cgi.pm:3.41
cpe:/a:cgi.pm:cgi.pm:3.42
cpe:/a:cgi.pm:cgi.pm:3.43
cpe:/a:cgi.pm:cgi.pm:3.44
cpe:/a:cgi.pm:cgi.pm:3.45
cpe:/a:cgi.pm:cgi.pm:3.46
cpe:/a:cgi.pm:cgi.pm:3.47
cpe:/a:cgi.pm:cgi.pm:3.48
cpe:/a:cgi.pm:cgi.pm:3.49
cpe:/a:cgi.pm:cgi.pm:3.50 and previous versions
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
X Medium [?]
Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
Alternatives




References
MLIST [oss-security] 20101201 Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part)




Vulnerability Type Insufficient Information (NVD-CWE-noinfo)




Copyright © 2010 JPCERT/CC All Rights Reserved.