CVE-2013-4407
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2013-4407
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
HTTP::Body::Multipart in the HTTP-Body module for Perl (1.07 through 1.22, before 1.23) uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may assume the suffix is well-formed.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Perl-HTTP-Body模块命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Perl是美国程序员拉里-沃尔(Larry Wall)所研发的一种免费且功能强大的跨平台编程语言。HTTP-Body是其中的一个Body解析模块。 Perl-HTTP-Body模块中的HTTP::Body::Multipart解析器1.08及之前的版本中存在命令注入漏洞。远程攻击者可利用该漏洞上传文件到服务器,执行任意命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2013-4407
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2013-4407
Please Login to view more intelligence information
- 🔗 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721634x_refsource_CONFIRM
- 🔗 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00018.htmlvendor-advisoryx_refsource_SUSE
- https://nvd.nist.gov/vuln/detail/CVE-2013-4407
Same Patch Batch · n/a · 2013-11-23 · 60 CVEs total
| CVE-2013-0868 | FFmpeg libavcodec/huffyuvdec.c文件整数溢出漏洞 | |
| CVE-2013-4509 | IBus 本地密码信息泄露漏洞 | |
| CVE-2013-6867 | SAP Sybase Adaptive Server Enterprise 安全漏洞 | |
| CVE-2013-6866 | SAP Sybase Adaptive Server Enterprise 安全漏洞 | |
| CVE-2013-6865 | SAP Sybase Adaptive Server Enterprise 安全漏洞 | |
| CVE-2013-6868 | SAP Sybase Adaptive Server Enterprise 安全漏洞 | |
| CVE-2013-4459 | LightDM ‘create_guest_session()’函数安全绕过漏洞 | |
| CVE-2013-2561 | OpenFabrics ibutils 不安全临时文件漏洞 | |
| CVE-2013-1058 | Ubuntu MAAS Server 中间人攻击漏洞 | |
| CVE-2013-0869 | FFmpeg libavcodec/h264.c ‘field_end()’函数安全漏洞 | |
| CVE-2013-4547 | F5 Nginx 权限许可和访问控制漏洞 | |
| CVE-2013-0867 | FFmpeg libavcodec/h264.c ‘decode_slice_header()’函数安全漏洞 | |
| CVE-2013-0866 | FFmpeg libavcodec/aacdec.c ‘aac_decode_init()’函数边界错误漏洞 | |
| CVE-2013-0865 | FFmpeg libavcodec/vqavideo.c ‘vqa_decode_chunk()’函数边界错误漏洞 | |
| CVE-2013-0864 | FFmpeg libavcodec/gifdec.c ‘gif_copy_img_rect()’函数拒绝服务漏洞 | |
| CVE-2013-0863 | FFmpeg libavcodec/sanm.c ‘rle_decode’函数缓冲区溢出漏洞 | |
| CVE-2013-0862 | FFmpeg ‘ibavcodec/sanm.c process_frame_obj()’函数整数溢出漏洞 | |
| CVE-2013-0861 | FFmpeg ‘avcodec_decode_audio4’函数拒绝服务漏洞 | |
| CVE-2013-0860 | FFmpeg ‘ff_er_frame_end’函数拒绝服务漏洞 | |
| CVE-2013-0223 | GNU coreutils 缓冲区错误漏洞 |
Showing top 20 of 60 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8251
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8250
Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list - CVE-2026-8249
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8248
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial
V. Comments for CVE-2013-4407
No comments yet