CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2012-6142

HIGH
7.5
CVSS Severity Score
EPSS Score0.0130%
EPSS Percentile27.96th
Published2014年6月4日
Last Modified2026年5月6日

Vulnerability Description

Session::Cookie in the HTML::EP module 0.2011 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.

Affected Platforms (CPE)

📦
Jochen Wiedmann

Html\

= \

References & Advisories

🔗 http://seclists.org/oss-sec/2013/q2/318
🔗 http://www.securityfocus.com/bid/59833
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/84199
🔗 http://seclists.org/oss-sec/2013/q2/318
🔗 http://www.securityfocus.com/bid/59833
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/84199

相關漏洞威脅

CVE-2019-1215310.0

Lack of validation in the HTML parser in RealObjects PDFreactor before 10.1.10722 leads to SSRF, allowing attackers to access netw...

CVE-2021-3267110.0

Flarum is a forum software for building communities. Flarum's translation system allowed for string inputs to be converted into HT...

CVE-2018-1904710.0

mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a '<img src="htt...

CVE-2021-3919910.0

remark-html is an open source nodejs library which compiles Markdown to HTML. In affected versions the documentation of remark-htm...