CVE-2011-1487

Current Description

The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

Basic Data

PublishedApril 11, 2011
Last ModifiedAugust 17, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-264
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactNONE
CVSS 2 - Base Score5.0
SeverityMEDIUM
Exploitability Score10.0
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationPerlPerl5.10.0*******
    2.3ApplicationPerlPerl5.10.0rc1******
    2.3ApplicationPerlPerl5.10.0rc2******
    2.3ApplicationPerlPerl5.10.1*******
    2.3ApplicationPerlPerl5.10.1rc1******
    2.3ApplicationPerlPerl5.10.1rc2******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationPerlPerl5.13.0*******
    2.3ApplicationPerlPerl5.13.1*******
    2.3ApplicationPerlPerl5.13.2*******
    2.3ApplicationPerlPerl5.13.3*******
    2.3ApplicationPerlPerl5.13.4*******
    2.3ApplicationPerlPerl5.13.5*******
    2.3ApplicationPerlPerl5.13.6*******
    2.3ApplicationPerlPerl5.13.7*******
    2.3ApplicationPerlPerl5.13.8*******
    2.3ApplicationPerlPerl5.13.9*******
    2.3ApplicationPerlPerl5.13.10*******
    2.3ApplicationPerlPerl5.13.11*******
  • OR - Configuration 3
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationPerlPerl5.11.0*******
    2.3ApplicationPerlPerl5.11.1*******
    2.3ApplicationPerlPerl5.11.2*******
    2.3ApplicationPerlPerl5.11.3*******
    2.3ApplicationPerlPerl5.11.4*******
    2.3ApplicationPerlPerl5.11.5*******
  • OR - Configuration 4
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationPerlPerl5.12.0*******
    2.3ApplicationPerlPerl5.12.0rc0******
    2.3ApplicationPerlPerl5.12.0rc1******
    2.3ApplicationPerlPerl5.12.0rc2******
    2.3ApplicationPerlPerl5.12.0rc3******
    2.3ApplicationPerlPerl5.12.0rc4******
    2.3ApplicationPerlPerl5.12.0rc5******
    2.3ApplicationPerlPerl5.12.1*******
    2.3ApplicationPerlPerl5.12.1rc1******
    2.3ApplicationPerlPerl5.12.1rc2******
    2.3ApplicationPerlPerl5.12.2*******
    2.3ApplicationPerlPerl5.12.2rc1******
    2.3ApplicationPerlPerl5.12.3*******
    2.3ApplicationPerlPerl5.12.3rc1******
    2.3ApplicationPerlPerl5.12.3rc2******
    2.3ApplicationPerlPerl5.12.3rc3******

Vulnerable Software List

VendorProductVersions
Perl Perl 5.10.0, 5.10.1, 5.11.0, 5.11.1, 5.11.2, 5.11.3, 5.11.4, 5.11.5, 5.12.0, 5.12.1, 5.12.2, 5.12.3, 5.13.0, 5.13.1, 5.13.10, 5.13.11, 5.13.2, 5.13.3, 5.13.4, 5.13.5, 5.13.6, 5.13.7, 5.13.8, 5.13.9

References

NameSourceURLTags
FEDORA-2011-4610http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057891.htmlFEDORA
FEDORA-2011-4631http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057971.htmlFEDORA
SUSE-SR:2011:009http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.htmlSUSE
[oss-security] 20110401 CVE Request -- perl -- lc(), uc() routines are laundering tainted datahttp://openwall.com/lists/oss-security/2011/04/01/3MLISTExploit Patch
[oss-security] 20110404 Re: CVE Request -- perl -- lc(), uc() routines are laundering tainted datahttp://openwall.com/lists/oss-security/2011/04/04/35MLISTExploit Patch
http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99CONFIRMPatch
http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336CONFIRMExploit
43921http://secunia.com/advisories/43921SECUNIAVendor Advisory
44168http://secunia.com/advisories/44168SECUNIA
DSA-2265http://www.debian.org/security/2011/dsa-2265DEBIAN
MDVSA-2011:091http://www.mandriva.com/security/advisories?name=MDVSA-2011:091MANDRIVA
47124http://www.securityfocus.com/bid/47124BIDExploit
https://bugzilla.redhat.com/show_bug.cgi?id=692844https://bugzilla.redhat.com/show_bug.cgi?id=692844CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=692898https://bugzilla.redhat.com/show_bug.cgi?id=692898CONFIRMExploit Patch
perl-laundering-security-bypass(66528)https://exchange.xforce.ibmcloud.com/vulnerabilities/66528XF