← back
CVE-2012-6329

CVE-2012-6329

50Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 62%
from disclosure to weapon0 days
Published on NVDJan 4
1st PoCDec 23
metasploitDec 3
exploitation probability
62%top 1% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.