RSS   Vulnerabilities for 'Http-body'   RSS

2013-11-23
 
CVE-2013-4407

CWE-noinfo
 

 
HTTP::Body::Multipart in the HTTP-Body 1.08, 1.17, and earlier module for Perl uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may assume the suffix is well-formed.

 


Copyright 2024, cxsecurity.com

 

Back to Top