PT-2011-1212 · Perl+1

Published 2011-04-11 · Updated 2017-08-17 · CVE-2011-1487

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Perl versions 5.10.x through 5.13.11

Description

The issue is related to the lc, lcfirst, uc, and ucfirst functions in Perl, which do not apply the taint attribute to the return value when processing tainted input. This might allow attackers to bypass the taint protection mechanism via a crafted string. The vulnerability is associated with insufficient access control and can be exploited by a remote attacker to inject arbitrary code due to errors related to the non-application of the taint attribute for untrusted data.

Recommendations

For Perl versions 5.10.x through 5.13.11, consider applying a patch or updating to a version where this issue is fixed, as the current version does not properly handle tainted input for the lc, lcfirst, uc, and ucfirst functions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
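
The following check is an added example, not part of the original advisory or of Perl itself: run under taint mode, it reports whether the installed Perl keeps the taint flag on the return values of lc, lcfirst, uc and ucfirst. The sample string is constructed, and the use of a zero-length substr of $^X as the taint source is a choice made for this example.

```perl
#!/usr/bin/perl -T
# Added example: checks whether this Perl keeps the taint flag on the
# return values of lc, lcfirst, uc and ucfirst (CVE-2011-1487).
use strict;
use warnings;
use Scalar::Util qw(tainted);

# ${^TAINT} is true only when taint mode (-T) is active.
die "taint mode is off; run as: perl -T <script>\n" unless ${^TAINT};

# $^X (path of the perl binary) is tainted under -T; a zero-length
# substr of it carries the taint flag without adding any characters.
my $taint = substr($^X, 0, 0);

# Constructed mixed-case sample input, marked tainted by concatenation.
my $input = 'cONSTRUCTED sAMPLE' . $taint;
die "could not build a tainted sample\n" unless tainted($input);

# The four case-conversion functions named in the advisory.
my %case_ops = (
    lc      => sub { lc $_[0] },
    lcfirst => sub { lcfirst $_[0] },
    uc      => sub { uc $_[0] },
    ucfirst => sub { ucfirst $_[0] },
);

my $lost = 0;
for my $name (sort keys %case_ops) {
    my $out = $case_ops{$name}->($input);
    if (tainted($out)) {
        printf "%-8s taint preserved\n", $name;
    } else {
        printf "%-8s TAINT LOST (return value is untainted)\n", $name;
        $lost++;
    }
}

# Non-zero exit status lets the check be used from a build or audit job.
printf "perl %vd: %s\n", $^V,
    $lost ? "$lost function(s) drop taint" : 'taint propagates correctly';
exit($lost ? 1 : 0);
```

Because the #! line carries -T, invoke the script directly or as `perl -T` followed by the script name; Perl refuses to start it if the switch appears only on the #! line.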

Exploit

Weakness Enumeration

Related identifiers

BDU:2016-02231
CVE-2011-1487
DSA-2265-1
RHSA-2011:0558
RHSA-2011_0558

Affected products

Perl
Red Hat