Security Advisory

CVE-2012-5526

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-11-21 23:00:00

Last updated 2024-08-06 21:05:47

Assigner redhat

State PUBLISHED

Description

CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm.

← Browse all CVEs View on cve.org ↗