CVE-2012-6142 Information

Description

Session::Cookie in the HTML::EP module 0.2011 for Perl does not properly use the Storable::thaw function which allows remote attackers to execute arbitrary code via a crafted request which is not properly handled when it is deserialized.

Reference

http://seclists.org/oss-sec/2013/q2/318 http://www.securityfocus.com/bid/59833 https://exchange.xforce.ibmcloud.com/vulnerabilities/84199