PT-2014-2374 · Perl · Storable+1

John Lightsey · Published 2014-06-04 · Updated 2017-08-29 · CVE-2012-6141

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

App::Context versions 0.01 through 0.968

Description

The issue arises from improper use of the Storable::thaw function in the App::Context module for Perl. It allows remote attackers to execute arbitrary code via a crafted request to API endpoints such as (1) "App::Session::Cookie" or (2) "App::Session::HTMLHidden". The crafted request is not properly handled when it is deserialized.

Recommendations

For App::Context versions 0.01 through 0.968, consider disabling the use of the Storable::thaw function until a proper fix is available. Restrict access to the App::Session::Cookie and App::Session::HTMLHidden modules to minimize the risk of exploitation. Avoid using these modules in deserialization processes until the issue is resolved.
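
One way to carry session state in a cookie or hidden form field without handing client-supplied bytes to Storable::thaw, shown as an added example (it is not App::Context's code or its fix). It goes beyond the recommendation by swapping Storable for data-only JSON and verifying an HMAC before parsing; `seal_state`, `open_state`, the 4096-byte limit and the key are hypothetical.

```perl
# Added example: authenticated, data-only session state for a cookie or
# hidden form field. seal_state/open_state are hypothetical names, not
# part of App::Context.
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256);
use JSON::PP ();
use MIME::Base64 qw(encode_base64url decode_base64url);

my $JSON = JSON::PP->new->utf8->canonical;   # plain data; never builds objects

# Serialize a hash ref to JSON and append an HMAC-SHA256 tag.
sub seal_state {
    my ($state, $key) = @_;
    my $body = encode_base64url($JSON->encode($state));
    return $body . '.' . encode_base64url(hmac_sha256($body, $key));
}

# Compare two strings without stopping at the first differing byte.
sub _ct_eq {
    my ($x, $y) = @_;
    return 0 if length($x) != length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Return the state hash ref, or undef if the token is malformed or altered.
# The tag is verified before any parser sees the body.
sub open_state {
    my ($token, $key) = @_;
    return undef unless defined $token && length($token) <= 4096;
    my ($body, $tag) = $token =~ /\A([A-Za-z0-9_-]+)\.([A-Za-z0-9_-]+)\z/
        or return undef;
    return undef unless _ct_eq(decode_base64url($tag), hmac_sha256($body, $key));
    my $state = eval { $JSON->decode(decode_base64url($body)) };
    return ref($state) eq 'HASH' ? $state : undef;
}

# Constructed sample values.
my $key   = 'constructed-demo-key-load-the-real-one-from-server-config';
my $token = seal_state({ user => 'alice', cart => [ 3, 7 ] }, $key);

my $ok = open_state($token, $key);
print "valid token: user=$ok->{user}\n";

(my $tampered = $token) =~ s/\A(.)/$1 eq 'A' ? 'B' : 'A'/e;
print "tampered token: ", (defined(open_state($tampered, $key)) ? "accepted" : "rejected"), "\n";
```

The HMAC only provides integrity; state that must stay confidential from the client belongs in server-side storage keyed by a random session identifier.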

Fix

Code Injection


Weakness Enumeration

Related Identifiers

CVE-2012-6141

Affected Products

App::Context
Storable