The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x up to and including 5.12.3, and 5.13.x up to and including 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent malicious users to bypass the taint protection mechanism via a crafted string.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
perl perl 5.10.1 |
||
perl perl 5.10.0 |
||
perl perl 5.13.4 |
||
perl perl 5.13.5 |
||
perl perl 5.13.6 |
||
perl perl 5.13.2 |
||
perl perl 5.13.3 |
||
perl perl 5.13.11 |
||
perl perl 5.13.0 |
||
perl perl 5.13.1 |
||
perl perl 5.13.9 |
||
perl perl 5.13.10 |
||
perl perl 5.13.7 |
||
perl perl 5.13.8 |
||
perl perl 5.11.1 |
||
perl perl 5.11.0 |
||
perl perl 5.11.4 |
||
perl perl 5.11.5 |
||
perl perl 5.11.2 |
||
perl perl 5.11.3 |
||
perl perl 5.12.0 |
||
perl perl 5.12.3 |
||
perl perl 5.12.1 |
||
perl perl 5.12.2 |