Unrated severityNVD Advisory· Published Mar 30, 2007· Updated Apr 23, 2026
CVE-2007-1349
CVE-2007-1349
Description
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Affected products
15cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
39- rhn.redhat.com/errata/RHSA-2007-0395.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2008-0630.htmlnvdThird Party Advisory
- secunia.com/advisories/24678nvdThird Party Advisory
- secunia.com/advisories/24839nvdThird Party Advisory
- secunia.com/advisories/25072nvdThird Party Advisory
- secunia.com/advisories/25110nvdThird Party Advisory
- secunia.com/advisories/25432nvdThird Party Advisory
- secunia.com/advisories/25655nvdThird Party Advisory
- secunia.com/advisories/25730nvdThird Party Advisory
- secunia.com/advisories/25894nvdThird Party Advisory
- secunia.com/advisories/26084nvdThird Party Advisory
- secunia.com/advisories/26231nvdThird Party Advisory
- secunia.com/advisories/26290nvdThird Party Advisory
- secunia.com/advisories/31490nvdThird Party Advisory
- secunia.com/advisories/31493nvdThird Party Advisory
- secunia.com/advisories/33720nvdThird Party Advisory
- secunia.com/advisories/33723nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-200705-04.xmlnvdThird Party Advisory
- support.avaya.com/elmodocs2/security/ASA-2007-293.htmnvdThird Party Advisory
- svn.apache.org/repos/asf/perl/modperl/branches/1.x/ChangesnvdVendor Advisory
- www.gossamer-threads.com/lists/modperl/modperl/92739nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2007-0396.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2007-0486.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-0261.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-0627.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/23192nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-488-1nvdThird Party Advisory
- www.vupen.com/english/advisories/2007/1150nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/33312nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10987nvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8349nvdThird Party Advisory
- patches.sgi.com/support/free/security/advisories/20070602-01-P.ascnvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken Link
- www.novell.com/linux/security/advisories/2007_12_sr.htmlnvdBroken Link
- www.novell.com/linux/security/advisories/2007_8_sr.htmlnvdBroken Link
- www.trustix.org/errata/2007/0023/nvdBroken Link
News mentions
0No linked articles in our index yet.