It was discovered that the XML::Atom Perl module before version 0.39 did not disable external entities when parsing XML from potentially untrusted sources. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.
References
Link | Resource |
---|---|
https://metacpan.org/release/MIYAGAWA/XML-Atom-0.39/source/Changes | Release Notes Third Party Advisory |
https://seclists.org/oss-sec/2012/q1/549 | Exploit Mailing List Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2021-07-09T10:42:36
Updated: 2021-07-09T10:42:36
Reserved: 2012-02-14T00:00:00
Link: CVE-2012-1102
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-07-09T11:15:07.407
Modified: 2021-07-13T15:21:08.517
Link: CVE-2012-1102
JSON object: View
Redhat Information
No data.
CWE