CVE-2011-2201
Published Sep 14, 2011
Last updated 13 years ago
Overview
- Description
- The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFABCFBC-0EC9-4DF4-B36E-C657272183A1",
"versionEndIncluding": "4.66"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "672D4776-8D5B-4819-8BF3-AEDF26C3D96C"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE0F8CE2-8032-4B42-954A-A2FE17756FD7"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A1F5875-286A-400B-BD54-C126DBF9208D"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4AE171E-7047-4028-8111-FBF69A2CA8BD"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "487D174E-2DE8-43BD-B775-2821D4664FAF"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "564A8717-1CCE-4210-B371-610B3CF77864"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1260F48-15C0-4BB3-B7BF-FAE2FBD48730"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE318DEF-513B-4B8D-A234-BE163F999615"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89D205BE-D742-4835-BA7B-858A1CE1E573"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E52CDBF8-F834-4F34-8D4A-05BDF9F0D72A"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.91:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2137D5D4-8007-454F-A212-1766B7F439F1"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.92:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76788109-9544-4257-8371-07370FB6D8A6"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:1.93:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "405BB5BA-4723-4847-8748-61A69E7F53CF"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:2.00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "131D4215-C4DC-4780-AA5B-06C1FEE61BE2"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:2.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4AEF3AE5-D0A4-4C68-89DB-696CBB716434"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:2.02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F844F48-EC40-422A-8088-BFC1647D6A0B"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:2.03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4034AF6-877B-477D-9C89-9AF4F5A3B08A"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:2.04:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18F27023-9062-49BA-A8FC-52DFB1A56E70"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:2.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A409D95-DFA5-4A59-BC40-F593E280E007"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:2.11_01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76DCC3E8-9419-4359-ACA9-88B45881BC9F"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:2.11_02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "225F296B-AA04-426D-85EE-07CF3173F8E1"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:2.11_03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2B45194-6487-42A7-AF51-F065E60DF18B"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:2.11_04:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4485908-3E21-4223-8349-3FBAD619A217"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8998E587-98CA-4D3B-8388-45F181DAE970"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E98A159C-36EF-4764-849E-C548639BF888"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DCD58054-2DCB-4CAD-8C4E-22D994E59A0F"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E44C0AD3-ACB5-41AD-BFF3-C3423C7438E1"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18E52F34-8A1B-452B-966E-CD553580028B"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9CC2BD62-0445-415D-B8BB-37EB70F4358D"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50A22B36-721E-4D4F-B37C-52927170029A"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C6C294C-90E6-4150-8976-508693BD3DBD"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.49_1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D60A3C8F-E980-451B-BDF5-5D9A712BC3B8"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D4C0776-F778-47AF-9099-D7567AA72C8D"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.51:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93A9749E-644A-4863-82C9-766AD7CA288D"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.52:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "727FEE1D-23F9-4451-8072-34DDCBCAAE74"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.53:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA70B179-D7EE-472B-882D-474BBBE23699"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.54:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51CD2258-08DF-4383-9B0F-6BB15CD5A5E4"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.55:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4C966AF-A159-4B5B-B0D8-6AD08B8929C6"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.56:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3AEBE47-23B4-47A4-8E99-0008400AAF33"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.57:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1870B0DC-6BD0-4EFC-8716-772730845ED0"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.58:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D302C63-E567-4552-9850-9EDEF4C9956A"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.59:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE55ACEB-ECC0-4F9E-BAEF-3F8F1B4FFC78"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.60:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4346B371-A067-45C5-A996-F8E9F6A64335"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.61:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC0B54BA-7C06-40BC-AF06-1FA8DD55EB30"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.62:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4B664DE-93D4-4884-9DF4-5EBA1E9FDF5D"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:3.63:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E48EBC0D-2B32-4478-A453-437B4708C3CA"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EAA8D79F-7FD4-49ED-B862-4C5F9F69E189"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B47A1DEE-DB01-4525-AB1F-0ECB9418FE45"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E055B23E-E478-4CE9-961C-36FAB8A2D6E5"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4C0DB0A-A0C1-47D4-A480-8CD0DA799751"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51229D5C-47E6-4DE6-8980-C9D463FBD767"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "519DC991-4D87-4BF1-84ED-DE2C0B541989"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD26998A-A9A2-4A19-96A4-A63F8565090C"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6487F14B-3779-4612-8582-7E8875425BF6"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7BC665D0-7F02-4A50-AAB6-6D5AB6CE32A9"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D91D8001-0F08-4BF6-9140-F39A94F614F5"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D3E7868-5992-491F-A17F-D60A60943912"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.49_01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "02FA1232-DBE9-4F7F-A1E4-89E0E2A66F4B"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "450FCFE6-BDDD-4654-A730-798B298E6DAA"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.51:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95D6EAC7-1215-426D-BBAB-0CDFB2D9D462"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.52:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D42D9B8C-5FE3-4987-90D2-13252EF9ADE9"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.53:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9C4526E-EEDE-4A91-B1AD-8F8B70047045"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.54:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6DAB3AC5-3629-4A7C-9B97-E463EC58363A"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.55:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16B7B04C-7CF5-4C34-BFBA-57850A70C97A"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.56:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "140D6FB5-6EBF-476D-BA63-D75283786EF8"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.57:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6EEC6A01-0480-413F-8DE4-CDDF5586C277"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.60:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7F5E661-8B88-42D0-8C50-9F7673C5D0D5"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.61:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "698232CE-1461-43A3-9B4E-47698B5F81C4"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.62:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08EF5774-2E9C-42E8-8621-8619D6B9A195"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.63:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D12DA159-B0E2-47BA-A75D-E06FB6ED288E"
},
{
"criteria": "cpe:2.3:a:mark_stosberg:data\\:\\:formvalidator:4.65:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBE69C8F-F659-43AE-8A7A-D3D02B2D2FE9"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CB490BCA-8592-4324-BCE3-396BFD647D5E"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]