CVE-2012-6329

{"id": "CVE-2012-6329", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-01-04T21:55:01.710", "references": [{"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695224", "source": "[email protected]"}, {"url": "http://code.activestate.com/lists/perl5-porters/187746/", "source": "[email protected]"}, {"url": "http://code.activestate.com/lists/perl5-porters/187763/", "source": "[email protected]"}, {"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "source": "[email protected]"}, {"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735", "source": "[email protected]"}, {"url": "http://openwall.com/lists/oss-security/2012/12/11/4", "source": "[email protected]"}, {"url": "http://perl5.git.perl.org/perl.git/blob/HEAD:/pod/perl5177delta.pod", "source": "[email protected]"}, {"url": "http://perl5.git.perl.org/perl.git/commit/1735f6f53ca19f99c6e9e39496c486af323ba6a8", "tags": ["Patch"], "source": "[email protected]"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0685.html", "source": "[email protected]"}, {"url": "http://sourceforge.net/mailarchive/message.php?msg_id=30219695", "source": "[email protected]"}, {"url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2012-6329", "source": "[email protected]"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:113", "source": "[email protected]"}, {"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "source": "[email protected]"}, {"url": "http://www.securityfocus.com/bid/56950", "source": "[email protected]"}, {"url": "http://www.ubuntu.com/usn/USN-2099-1", "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=884354", "source": "[email protected]"}, {"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0032", "source": "[email protected]"}, {"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695224", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://code.activestate.com/lists/perl5-porters/187746/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://code.activestate.com/lists/perl5-porters/187763/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://openwall.com/lists/oss-security/2012/12/11/4", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://perl5.git.perl.org/perl.git/blob/HEAD:/pod/perl5177delta.pod", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://perl5.git.perl.org/perl.git/commit/1735f6f53ca19f99c6e9e39496c486af323ba6a8", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0685.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://sourceforge.net/mailarchive/message.php?msg_id=30219695", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2012-6329", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:113", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/56950", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/USN-2099-1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=884354", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0032", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6."}, {"lang": "es", "value": "La funci\u00f3n _compile en Maketext.pm en la implementaci\u00f3n de Locale::Maketext en Perl anteriores a v5.17.7 no gestionan de forma adecuada los slash cruzados (\\) y lo nombres de m\u00e9todos cualificados durante la compilaci\u00f3n o notaci\u00f3n de comillas, lo que permite a atacantes dependiendo del contexto a ejecutar comandos a trav\u00e9s de entradas manipulados sobre una aplicaci\u00f3n que acepta la traslaci\u00f3n de cadenas desde usuarios, como se demostr\u00f3 por la aplicaci\u00f3n TWiki anteriores a v5.1.3, y la aplicaci\u00f3n Foswiki v1.0.x hasta v1.0.10 y v1.1.x hasta v1.1.6."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FA2D667-D3E6-4BC2-8477-3C938C9C0CA7", "versionEndIncluding": "5.16.2"}, {"criteria": "cpe:2.3:a:perl:perl:5.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "777EC860-FB16-4B15-A8BE-3EAE9FD8A99D"}, {"criteria": "cpe:2.3:a:perl:perl:5.10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B84C088-F29F-4498-A390-187505361962"}, {"criteria": "cpe:2.3:a:perl:perl:5.10.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17E86767-47EB-4A39-B8E1-A4B9AB4BC20E"}, {"criteria": "cpe:2.3:a:perl:perl:5.10.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB77E3D6-9F24-4C51-86E4-CD014DF0F66E"}, {"criteria": "cpe:2.3:a:perl:perl:5.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D67E248-C0B8-4713-9D9A-47097885A2C7"}, {"criteria": "cpe:2.3:a:perl:perl:5.10.1:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B32436EE-DA64-41AD-B967-26C6D4973FC2"}, {"criteria": "cpe:2.3:a:perl:perl:5.10.1:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF46E50D-AE29-49FD-884B-488D9EB879D4"}, {"criteria": "cpe:2.3:a:perl:perl:5.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77B23E85-8167-4B17-8D76-BD807067BB4D"}, {"criteria": "cpe:2.3:a:perl:perl:5.11.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8355C16E-16D4-4A68-BFD3-125892E3FA1D"}, {"criteria": "cpe:2.3:a:perl:perl:5.11.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85FFA753-4B14-4B52-941F-C33D41451EF2"}, {"criteria": "cpe:2.3:a:perl:perl:5.11.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B99FD006-688D-43BB-901A-FB9192157947"}, {"criteria": "cpe:2.3:a:perl:perl:5.11.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBD582A1-DCCF-4D54-8177-45E861A0C263"}, {"criteria": "cpe:2.3:a:perl:perl:5.11.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5AF4FAA-A591-43FB-A9B1-FD47EF0AC622"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BC3F8EA-BE60-4EAB-A9B9-DB1368B5430C"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.0:rc0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0D13359-AC5F-40CB-B906-8E03526CE045"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5E92FB2-7C21-4F06-AE3F-562551A758AF"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D213529E-33EF-43D1-A673-3C94191427D8"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6539E09-4DC5-4C53-AFF1-70D06BBA9E7F"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.0:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52D8DF08-AE73-4529-B212-CA31F02A719E"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.0:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA054FCE-FABC-4EB5-9759-F77C6F250B44"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB5DDFC6-4EDF-452A-B561-C9115D91FB3E"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.1:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1DBAB61-4BFB-4664-98CF-77C617F982A5"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.1:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A7580C2-44DE-48E5-AC26-A221537C95D8"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54E04A5E-BE90-4A31-8C1D-09A91DD3E7DF"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.2:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A52ADD6-05DE-4A16-9745-D92CD5F46502"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFF99954-5B94-4092-83B9-7D17EEDB30A5"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.3:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38A25AC3-1C81-4234-8B7E-0D59EA1F103B"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.3:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93E670B7-6956-4A13-A2A8-F675C0B093FC"}, {"criteria": "cpe:2.3:a:perl:perl:5.12.3:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23F1C64E-1446-409D-9F53-1C03724A10E1"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93813F8D-F22F-43E3-B894-BEB7FA6204F1"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B280339A-1CED-4FBD-8B3C-A48B07FE9BAC"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC85766E-3A59-4711-85C9-62AC01F2A87D"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AC9AA38-4A25-4825-9EDD-E93353A8B195"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "388E8952-47B7-426E-AE35-0216FD60CC8C"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "105AB2DD-5E61-4369-8383-B7BF13B85444"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF2F4C5C-2B56-450A-813F-254019FBB854"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "226424B4-7299-4E28-BBB1-0FCC9E2602E0"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C16C918C-A1C4-425B-9C0C-B239B3482A77"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5393E265-60C1-43A6-9EFE-505A115053DF"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DD50D93-8395-4698-A12B-D9CAAB022BF2"}, {"criteria": "cpe:2.3:a:perl:perl:5.13.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04EE04B4-71DD-4A87-BA2D-79954AEF5DD6"}, {"criteria": "cpe:2.3:a:perl:perl:5.14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A968B30-8456-49C2-A9B0-6CF55CB3C7B4"}, {"criteria": "cpe:2.3:a:perl:perl:5.14.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66BF9787-C734-43DA-B8BF-FF6D6F4E802A"}, {"criteria": "cpe:2.3:a:perl:perl:5.14.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D94BF151-572F-4C50-8E47-9B8BCDD16A77"}, {"criteria": "cpe:2.3:a:perl:perl:5.14.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5114F054-E5AF-4905-83DD-459E1D56B5DE"}, {"criteria": "cpe:2.3:a:perl:perl:5.14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91B91435-67DA-49E1-A37F-7839728F17BC"}, {"criteria": "cpe:2.3:a:perl:perl:5.14.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "851028B9-65A4-4A4F-9C40-930B0B9A8797"}, {"criteria": "cpe:2.3:a:perl:perl:5.14.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7AD4720-7A84-4D02-8DDC-1B91A08D98D3"}, {"criteria": "cpe:2.3:a:perl:perl:5.16.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9E3D711-A503-480F-B1EC-EC433F7DD644"}, {"criteria": "cpe:2.3:a:perl:perl:5.16.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38179468-F93E-4E3C-8213-5F4A903B186A"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}