CVE-2010-4411 Information

Feb 14, 2021 cve

Description

Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.

Reference

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://openwall.com/lists/oss-security/2010/12/01/3 http://secunia.com/advisories/43033 http://secunia.com/advisories/43068 http://secunia.com/advisories/43165 http://www.bugzilla.org/security/3.2.9/ http://www.mandriva.com/security/advisories?name=MDVSA-2011:008 http://www.vupen.com/english/advisories/2011/0106 http://www.vupen.com/english/advisories/2011/0207 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0271 https://bugzilla.mozilla.org/show_bug.cgi?id=591165

Share on: