Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Perl 任意代码执行漏洞
Vulnerability Description
Perl 5.17.7之前版本中的Locale::Maketext实现中的_compile函数中存在漏洞,该漏洞源于在括号表示法编译过程中没有正确处理反斜线和完全限定的方法名。通过特制的输入到接收来自用户的翻译字符串的应用程序(如Twiki应用程序5.1.3版本以及Foswiki应用程序1.0.x至1.0.10和1.1.x至1.1.6版本),上下文相关的攻击者利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A