CyberSec.Space Logo
CVEブラウザに戻る

CVE-2012-6143

HIGH
7.5
CVSS Severity Score
EPSS Score0.0610%
EPSS Percentile40.10th
Published2014年6月4日
Last Modified2026年5月6日

Vulnerability Description

Spoon::Cookie in the Spoon module 0.24 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.

Affected Platforms (CPE)

📦
Ingy

Spoon

= 0.24

References & Advisories

🔗 http://seclists.org/oss-sec/2013/q2/318
🔗 http://www.securityfocus.com/bid/59834
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/84197
🔗 https://rt.cpan.org/Public/Bug/Display.html?id=85217
🔗 http://seclists.org/oss-sec/2013/q2/318
🔗 http://www.securityfocus.com/bid/59834
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/84197
🔗 https://rt.cpan.org/Public/Bug/Display.html?id=85217

関連する脆弱性情報

CVE-2019-155219.8

Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie co...

CVE-2012-525410.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525710.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525810.0

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11....