Back to search
CVE-2012-6141
Published: Jun 4, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The App::Context module 0.01 through 0.968 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request to (1) App::Session::Cookie or (2) App::Session::HTMLHidden, which is not properly handled when it is deserialized.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20130514 Re: CVE Request: Storable::thaw called on cookie data in multiple CPAN modules
mailing-list
x_refsource_MLIST
appcontext-cve20126141-sec-bypass(84198)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now