CVE-2010-4411

Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.

Published: Dec 6, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-4411
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
andy_armstrong / cgi.pm	3.01	3.01.x
andy_armstrong / cgi.pm	3.24	3.24.x
andy_armstrong / cgi.pm	2.49	2.49.x
andy_armstrong / cgi.pm	3.20	3.20.x
andy_armstrong / cgi.pm	2.26	2.26.x
andy_armstrong / cgi.pm	3.05	3.05.x
andy_armstrong / cgi.pm	2.83	2.83.x
andy_armstrong / cgi.pm	3.42	3.42.x
andy_armstrong / cgi.pm	2.45	2.45.x
andy_armstrong / cgi.pm	2.44	2.44.x
andy_armstrong / cgi.pm	3.35	3.35.x
andy_armstrong / cgi.pm	2.51	2.51.x
andy_armstrong / cgi.pm	3.32	3.32.x
andy_armstrong / cgi.pm	3.14	3.14.x
andy_armstrong / cgi.pm	3.44	3.44.x
andy_armstrong / cgi.pm	2.0	2.0.x
andy_armstrong / cgi.pm	2.62	2.62.x
andy_armstrong / cgi.pm	2.70	2.70.x
andy_armstrong / cgi.pm	2.75	2.75.x
andy_armstrong / cgi.pm	2.28	2.28.x
andy_armstrong / cgi.pm	2.84	2.84.x
andy_armstrong / cgi.pm	2.99	2.99.x
andy_armstrong / cgi.pm	2.69	2.69.x
andy_armstrong / cgi.pm	3.38	3.38.x
andy_armstrong / cgi.pm	2.21	2.21.x
andy_armstrong / cgi.pm	3.04	3.04.x
andy_armstrong / cgi.pm	2.96	2.96.x
andy_armstrong / cgi.pm	2.40	2.40.x
andy_armstrong / cgi.pm	1.54	1.54.x
andy_armstrong / cgi.pm	2.43	2.43.x
andy_armstrong / cgi.pm	2.88	2.88.x
andy_armstrong / cgi.pm	1.51	1.51.x
andy_armstrong / cgi.pm	3.28	3.28.x
andy_armstrong / cgi.pm	2.36	2.36.x
andy_armstrong / cgi.pm	2.90	2.90.x
andy_armstrong / cgi.pm	2.32	2.32.x
andy_armstrong / cgi.pm	3.49	3.49.x
andy_armstrong / cgi.pm	2.57	2.57.x
andy_armstrong / cgi.pm	2.24	2.24.x
andy_armstrong / cgi.pm	1.4	1.4.x
andy_armstrong / cgi.pm	2.98	2.98.x
andy_armstrong / cgi.pm	2.93	2.93.x
andy_armstrong / cgi.pm	2.29	2.29.x
andy_armstrong / cgi.pm	2.82	2.82.x
andy_armstrong / cgi.pm	2.52	2.52.x
andy_armstrong / cgi.pm	3.11	3.11.x
andy_armstrong / cgi.pm	3.10	3.10.x
andy_armstrong / cgi.pm	2.50	2.50.x
andy_armstrong / cgi.pm	2.54	2.54.x
andy_armstrong / cgi.pm	3.26	3.26.x
andy_armstrong / cgi.pm	3.34	3.34.x
andy_armstrong / cgi.pm	3.41	3.41.x
andy_armstrong / cgi.pm	2.17	2.17.x
andy_armstrong / cgi.pm	2.15	2.15.x
andy_armstrong / cgi.pm	2.85	2.85.x
andy_armstrong / cgi.pm	2.77	2.77.x
andy_armstrong / cgi.pm	3.22	3.22.x
andy_armstrong / cgi.pm	2.38	2.38.x
andy_armstrong / cgi.pm	1.57	1.57.x
andy_armstrong / cgi.pm	2.01	2.01.x
andy_armstrong / cgi.pm	2.71	2.71.x
andy_armstrong / cgi.pm	2.27	2.27.x
andy_armstrong / cgi.pm	3.07	3.07.x
andy_armstrong / cgi.pm	1.53	1.53.x
andy_armstrong / cgi.pm	1.50	1.50.x
andy_armstrong / cgi.pm	3.09	3.09.x
andy_armstrong / cgi.pm	2.63	2.63.x
andy_armstrong / cgi.pm	3.16	3.16.x
andy_armstrong / cgi.pm	2.39	2.39.x
andy_armstrong / cgi.pm	2.68	2.68.x
andy_armstrong / cgi.pm	2.72	2.72.x
andy_armstrong / cgi.pm	3.06	3.06.x
andy_armstrong / cgi.pm	2.87	2.87.x
andy_armstrong / cgi.pm	3.40	3.40.x
andy_armstrong / cgi.pm	3.45	3.45.x
andy_armstrong / cgi.pm	3.25	3.25.x
andy_armstrong / cgi.pm	2.66	2.66.x
andy_armstrong / cgi.pm	2.60	2.60.x
andy_armstrong / cgi.pm	2.30	2.30.x
andy_armstrong / cgi.pm	3.13	3.13.x
andy_armstrong / cgi.pm	1.42	1.42.x
andy_armstrong / cgi.pm	3.29	3.29.x
andy_armstrong / cgi.pm	1.44	1.44.x
andy_armstrong / cgi.pm	2.14	2.14.x
andy_armstrong / cgi.pm	2.89	2.89.x
andy_armstrong / cgi.pm	3.19	3.19.x
andy_armstrong / cgi.pm	2.42	2.42.x
andy_armstrong / cgi.pm	2.92	2.92.x
andy_armstrong / cgi.pm	2.78	2.78.x
andy_armstrong / cgi.pm	2.33	2.33.x
andy_armstrong / cgi.pm	3.46	3.46.x
andy_armstrong / cgi.pm	2.56	2.56.x
andy_armstrong / cgi.pm	3.31	3.31.x
andy_armstrong / cgi.pm	3.27	3.27.x
andy_armstrong / cgi.pm	2.22	2.22.x
andy_armstrong / cgi.pm	3.37	3.37.x
andy_armstrong / cgi.pm	1.45	1.45.x
andy_armstrong / cgi.pm	2.41	2.41.x
andy_armstrong / cgi.pm	1.43	1.43.x
andy_armstrong / cgi.pm	2.61	2.61.x
andy_armstrong / cgi.pm	1.52	1.52.x
andy_armstrong / cgi.pm	2.55	2.55.x
andy_armstrong / cgi.pm	2.59	2.59.x
andy_armstrong / cgi.pm	2.76	2.76.x
andy_armstrong / cgi.pm	3.12	3.12.x
andy_armstrong / cgi.pm	2.37	2.37.x
andy_armstrong / cgi.pm	2.31	2.31.x
andy_armstrong / cgi.pm	2.23	2.23.x
andy_armstrong / cgi.pm	3.08	3.08.x
andy_armstrong / cgi.pm	2.751	2.751.x
andy_armstrong / cgi.pm	2.95	2.95.x
andy_armstrong / cgi.pm	2.752	2.752.x
andy_armstrong / cgi.pm	2.65	2.65.x
andy_armstrong / cgi.pm	2.46	2.46.x
andy_armstrong / cgi.pm	3.47	3.47.x
andy_armstrong / cgi.pm	2.18	2.18.x
andy_armstrong / cgi.pm	2.19	2.19.x
andy_armstrong / cgi.pm	2.34	2.34.x
andy_armstrong / cgi.pm	2.16	2.16.x
andy_armstrong / cgi.pm	2.74	2.74.x
andy_armstrong / cgi.pm	3.36	3.36.x
andy_armstrong / cgi.pm	2.79	2.79.x
andy_armstrong / cgi.pm	-	3.50.x
andy_armstrong / cgi.pm	3.02	3.02.x
andy_armstrong / cgi.pm	2.73	2.73.x
andy_armstrong / cgi.pm	3.39	3.39.x
andy_armstrong / cgi.pm	1.56	1.56.x
andy_armstrong / cgi.pm	2.48	2.48.x
andy_armstrong / cgi.pm	2.67	2.67.x
andy_armstrong / cgi.pm	3.15	3.15.x
andy_armstrong / cgi.pm	2.86	2.86.x
andy_armstrong / cgi.pm	3.48	3.48.x
andy_armstrong / cgi.pm	3.33	3.33.x
andy_armstrong / cgi.pm	2.80	2.80.x
andy_armstrong / cgi.pm	2.94	2.94.x
andy_armstrong / cgi.pm	2.64	2.64.x
andy_armstrong / cgi.pm	3.00	3.00.x
andy_armstrong / cgi.pm	2.97	2.97.x
andy_armstrong / cgi.pm	2.53	2.53.x
andy_armstrong / cgi.pm	2.35	2.35.x
andy_armstrong / cgi.pm	3.03	3.03.x
andy_armstrong / cgi.pm	3.17	3.17.x
andy_armstrong / cgi.pm	1.55	1.55.x
andy_armstrong / cgi.pm	3.21	3.21.x
andy_armstrong / cgi.pm	2.81	2.81.x
andy_armstrong / cgi.pm	2.20	2.20.x
andy_armstrong / cgi.pm	2.91	2.91.x
andy_armstrong / cgi.pm	2.47	2.47.x
andy_armstrong / cgi.pm	3.43	3.43.x
andy_armstrong / cgi.pm	3.18	3.18.x
andy_armstrong / cgi.pm	2.58	2.58.x
andy_armstrong / cgi.pm	3.30	3.30.x
andy_armstrong / cgi.pm	3.23	3.23.x
andy_armstrong / cgi.pm	2.25	2.25.x
andy_armstrong / cgi.pm	2.13	2.13.x

Vulnerability Database

289,697

CVE-2010-4411