VDB

GCVE-110-MAGEIA-2013-352

GCVE-110-MAGEIA-2013-352
Advisory Published
Vulnetix · Advisory published November 22, 2013
Updated perl-HTTP-Body package fixes security vulnerability: Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to upload files to a service that uses HTTP::Body::Multipart could potentially execute commands on the server if these temporary filenames are used in subsequent commands without further checks (CVE-2013-4407).

Affected Products

VendorProductVersionsPlatforms
Mageiaperl-HTTP-Body0 (affected), 1.170.0-2.1.mga3 (unaffected)
Mageiaperl-HTTP-Body0 (affected), 1.150.0-1.1.mga2 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›