Vulnerability Details : CVE-2011-1487
The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.
Products affected by CVE-2011-1487
- cpe:2.3:a:perl:perl:5.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.10.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.10.1:rc2:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.10.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.10.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.4:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.5:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.6:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.2:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.3:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.11:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.0:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.1:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.9:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.10:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.7:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.13.8:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.11.4:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.11.5:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.0:rc0:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.3:rc2:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.1:rc2:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.3:rc3:*:*:*:*:*:*
- cpe:2.3:a:perl:perl:5.12.2:rc1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1487
1.70%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1487
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2011-1487
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1487
-
https://bugzilla.redhat.com/show_bug.cgi?id=692844
692844 – lc launders tainted flag
-
http://openwall.com/lists/oss-security/2011/04/01/3
oss-security - CVE Request -- perl -- lc(), uc() routines are laundering tainted dataExploit;Patch
-
http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99
Perl 5 - perl.git/commitPatch
-
https://bugzilla.redhat.com/show_bug.cgi?id=692898
692898 – (CVE-2011-1487) CVE-2011-1487 perl: lc(), uc() routines are laundering tainted dataExploit;Patch
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057891.html
[SECURITY] Fedora 14 Update: perl-5.12.3-143.fc14
-
http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336
Bug #87336 for perl5: Function lc() is laundering tainted data in newer perls, contrary to docsExploit
-
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2011:009
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057971.html
[SECURITY] Fedora 15 Update: perl-5.12.3-156.fc15
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/66528
Perl laundering security bypass CVE-2011-1487 Vulnerability Report
-
http://www.debian.org/security/2011/dsa-2265
Debian -- Security Information -- DSA-2265-1 perl
-
http://openwall.com/lists/oss-security/2011/04/04/35
oss-security - Re: CVE Request -- perl -- lc(), uc() routines are laundering tainted dataExploit;Patch
-
http://www.securityfocus.com/bid/47124
Perl 'lc()' and 'uc()' Functions TAINT Mode Protection Security Bypass WeaknessExploit
-
http://www.mandriva.com/security/advisories?name=MDVSA-2011:091
mandriva.com
Jump to