What is the severity of CVE-2011-2201?

CVE-2011-2201 is considered a moderate severity vulnerability due to its potential to allow attackers to bypass input validation.

How do I fix CVE-2011-2201?

To fix CVE-2011-2201, update to a patched version of perl-Data-FormValidator that addresses this vulnerability.

Which versions of perl-Data-FormValidator are affected by CVE-2011-2201?

CVE-2011-2201 affects all versions of perl-Data-FormValidator up to and including version 4.66.

Can CVE-2011-2201 be exploited remotely?

Yes, CVE-2011-2201 can be exploited remotely by an attacker to bypass input validation.

What type of vulnerability is CVE-2011-2201?

CVE-2011-2201 is an input validation flaw that occurs when certain invalid fields are treated as valid.

Vulnerability/
CVE-2011-2201

medium

4.3

CWE

264

12/6/2011

14/9/2011

6/8/2024

CVE-2011-2201

First published: Sun Jun 12 2011(Updated: )

It was found that perl-Data-FormValidator, a HTML form user input validator, used to treat certain invalid fields as valid, when the untaint_all_constraints directive was used (default for majority of Data-FormValidator routines). A remote attacker could use this flaw to bypass perl Taint mode protection mechanism via specially-crafted input provided to the HTML form. References: [1] <a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629511">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629511</a> [2] <a href="https://rt.cpan.org/Public/Bug/Display.html?id=61792">https://rt.cpan.org/Public/Bug/Display.html?id=61792</a>

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
mark stosberg data\	<=4.66
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
mark stosberg data\	=\-formvalidator
Perl

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-2201?
CVE-2011-2201 is considered a moderate severity vulnerability due to its potential to allow attackers to bypass input validation.
How do I fix CVE-2011-2201?
To fix CVE-2011-2201, update to a patched version of perl-Data-FormValidator that addresses this vulnerability.
Which versions of perl-Data-FormValidator are affected by CVE-2011-2201?
CVE-2011-2201 affects all versions of perl-Data-FormValidator up to and including version 4.66.
Can CVE-2011-2201 be exploited remotely?
Yes, CVE-2011-2201 can be exploited remotely by an attacker to bypass input validation.
What type of vulnerability is CVE-2011-2201?
CVE-2011-2201 is an input validation flaw that occurs when certain invalid fields are treated as valid.

collector/nvd-historical
agent/references
agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/severity
agent/last-modified-date
agent/remedy
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2011-2201
agent/event
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/mark stosberg
canonical/mark stosberg data\
version/mark stosberg data\/4.66
version/mark stosberg data\/\-formvalidator
vendor/perl
canonical/perl

CVE-2011-2201

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-2201?

How do I fix CVE-2011-2201?

Which versions of perl-Data-FormValidator are affected by CVE-2011-2201?

Can CVE-2011-2201 be exploited remotely?

What type of vulnerability is CVE-2011-2201?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2011-2201?

How do I fix CVE-2011-2201?

Which versions of perl-Data-FormValidator are affected by CVE-2011-2201?

Can CVE-2011-2201 be exploited remotely?

What type of vulnerability is CVE-2011-2201?