5
CVE-2007-1349
- EPSS 10.11%
- Veröffentlicht 30.03.2007 00:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:23
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version6.06
Canonical ≫ Ubuntu Linux Version6.10
Canonical ≫ Ubuntu Linux Version7.04
Redhat ≫ Enterprise Linux Desktop Version3.0
Redhat ≫ Enterprise Linux Desktop Version4.0
Redhat ≫ Enterprise Linux Desktop Version5.0
Redhat ≫ Enterprise Linux Eus Version4.5
Redhat ≫ Enterprise Linux Server Version3.0
Redhat ≫ Enterprise Linux Server Version4.0
Redhat ≫ Enterprise Linux Server Version5.0
Redhat ≫ Enterprise Linux Workstation Version3.0
Redhat ≫ Enterprise Linux Workstation Version4.0
Redhat ≫ Enterprise Linux Workstation Version5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.11% | 0.95 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://www.redhat.com/support/errata/RHSA-2008-0261.html
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
http://secunia.com/advisories/25894
http://secunia.com/advisories/25432
http://www.novell.com/linux/security/advisories/2007_12_sr.html
http://rhn.redhat.com/errata/RHSA-2008-0630.html
http://secunia.com/advisories/31493
http://secunia.com/advisories/25072
http://www.novell.com/linux/security/advisories/2007_8_sr.html
http://rhn.redhat.com/errata/RHSA-2007-0395.html
http://secunia.com/advisories/24678
http://secunia.com/advisories/24839
http://secunia.com/advisories/25110
http://secunia.com/advisories/25655
http://secunia.com/advisories/25730
http://secunia.com/advisories/26084
http://secunia.com/advisories/26231
http://secunia.com/advisories/26290
http://secunia.com/advisories/31490
http://secunia.com/advisories/33720
http://secunia.com/advisories/33723
http://security.gentoo.org/glsa/glsa-200705-04.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-248386-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021508.1-1
http://support.avaya.com/elmodocs2/security/ASA-2007-293.htm
http://svn.apache.org/repos/asf/perl/modperl/branches/1.x/Changes
http://www.gossamer-threads.com/lists/modperl/modperl/92739
http://www.mandriva.com/security/advisories?name=MDKSA-2007:083
http://www.redhat.com/support/errata/RHSA-2007-0396.html
http://www.redhat.com/support/errata/RHSA-2007-0486.html
http://www.redhat.com/support/errata/RHSA-2008-0627.html
http://www.securityfocus.com/bid/23192
http://www.securitytracker.com/id?1018259
http://www.trustix.org/errata/2007/0023/
http://www.ubuntu.com/usn/usn-488-1
http://www.vupen.com/english/advisories/2007/1150
https://exchange.xforce.ibmcloud.com/vulnerabilities/33312
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10987
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8349