Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2010-2253

Disclosure Date: July 06, 2010
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Vendors

  • gisle aas,
  • search.cpan

Products

  • libwww-perl,
  • libwww-perl 0.01,
  • libwww-perl 0.02,
  • libwww-perl 0.03,
  • libwww-perl 0.04,
  • libwww-perl 5.00,
  • libwww-perl 5.01,
  • libwww-perl 5.02,
  • libwww-perl 5.03,
  • libwww-perl 5.04,
  • libwww-perl 5.05,
  • libwww-perl 5.06,
  • libwww-perl 5.07,
  • libwww-perl 5.08,
  • libwww-perl 5.09,
  • libwww-perl 5.10,
  • libwww-perl 5.11,
  • libwww-perl 5.12,
  • libwww-perl 5.13,
  • libwww-perl 5.14,
  • libwww-perl 5.15,
  • libwww-perl 5.16,
  • libwww-perl 5.17,
  • libwww-perl 5.18,
  • libwww-perl 5.18 03,
  • libwww-perl 5.18 04,
  • libwww-perl 5.18 05,
  • libwww-perl 5.19,
  • libwww-perl 5.20,
  • libwww-perl 5.21,
  • libwww-perl 5.22,
  • libwww-perl 5.30,
  • libwww-perl 5.31,
  • libwww-perl 5.32,
  • libwww-perl 5.33,
  • libwww-perl 5.34,
  • libwww-perl 5.35,
  • libwww-perl 5.36,
  • libwww-perl 5.40 01,
  • libwww-perl 5.41,
  • libwww-perl 5.42,
  • libwww-perl 5.43,
  • libwww-perl 5.44,
  • libwww-perl 5.45,
  • libwww-perl 5.46,
  • libwww-perl 5.47,
  • libwww-perl 5.48,
  • libwww-perl 5.49,
  • libwww-perl 5.50,
  • libwww-perl 5.51,
  • libwww-perl 5.52,
  • libwww-perl 5.53,
  • libwww-perl 5.53 90,
  • libwww-perl 5.53 91,
  • libwww-perl 5.53 92,
  • libwww-perl 5.53 93,
  • libwww-perl 5.53 94,
  • libwww-perl 5.53 95,
  • libwww-perl 5.53 96,
  • libwww-perl 5.53 97,
  • libwww-perl 5.60,
  • libwww-perl 5.61,
  • libwww-perl 5.62,
  • libwww-perl 5.63,
  • libwww-perl 5.64,
  • libwww-perl 5.65,
  • libwww-perl 5.66,
  • libwww-perl 5.67,
  • libwww-perl 5.68,
  • libwww-perl 5.69,
  • libwww-perl 5.70,
  • libwww-perl 5.71,
  • libwww-perl 5.72,
  • libwww-perl 5.73,
  • libwww-perl 5.74,
  • libwww-perl 5.75,
  • libwww-perl 5.76,
  • libwww-perl 5.77,
  • libwww-perl 5.78,
  • libwww-perl 5.79,
  • libwww-perl 5.800,
  • libwww-perl 5.801,
  • libwww-perl 5.802,
  • libwww-perl 5.803,
  • libwww-perl 5.804,
  • libwww-perl 5.805,
  • libwww-perl 5.806,
  • libwww-perl 5.807,
  • libwww-perl 5.808,
  • libwww-perl 5.810,
  • libwww-perl 5.811,
  • libwww-perl 5.812,
  • libwww-perl 5.813,
  • libwww-perl 5.814,
  • libwww-perl 5.815,
  • libwww-perl 5.816,
  • libwww-perl 5.817,
  • libwww-perl 5.818,
  • libwww-perl 5.819,
  • libwww-perl 5.820,
  • libwww-perl 5.821,
  • libwww-perl 5.822,
  • libwww-perl 5.823,
  • libwww-perl 5.824,
  • libwww-perl 5.825,
  • libwww-perl 5.826,
  • libwww-perl 5.827,
  • libwww-perl 5.828,
  • libwww-perl 5.829,
  • libwww-perl 5.830,
  • libwww-perl 5.831,
  • libwww-perl 5.832,
  • libwww-perl 5.833,
  • libwww-perl 5b10,
  • libwww-perl 5b11,
  • libwww-perl 5b12,
  • libwww-perl 5b13,
  • libwww-perl 5b5,
  • libwww-perl 5b6,
  • libwww-perl 5b7,
  • libwww-perl 5b8,
  • libwww-perl 5b9
Technical Analysis