VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Dec 6, 2010· Updated Apr 29, 2026

CVE-2010-4411

CVE-2010-4411

Description

Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.

Affected products

155
  • Andy Armstrong/Cgi.pm155 versions
    cpe:2.3:a:andy_armstrong:cgi.pm:*:*:*:*:*:*:*:*+ 154 more
    • cpe:2.3:a:andy_armstrong:cgi.pm:*:*:*:*:*:*:*:*range: <=3.50
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.42:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.43:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.44:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.45:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.50:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.51:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.52:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.53:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.54:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.55:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.56:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:1.57:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.01:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.13:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.14:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.15:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.16:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.17:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.18:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.19:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.20:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.21:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.22:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.23:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.24:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.25:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.26:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.27:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.28:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.29:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.30:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.31:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.32:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.33:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.34:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.35:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.36:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.37:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.38:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.39:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.40:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.41:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.42:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.43:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.44:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.45:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.46:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.47:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.48:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.49:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.50:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.51:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.52:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.53:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.54:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.55:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.56:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.57:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.58:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.59:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.60:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.61:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.62:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.63:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.64:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.65:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.66:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.67:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.68:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.69:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.70:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.71:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.72:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.73:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.74:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.75:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.751:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.752:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.76:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.77:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.78:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.79:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.80:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.81:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.82:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.83:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.84:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.85:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.86:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.87:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.88:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.89:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.90:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.91:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.92:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.93:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.94:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.95:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.96:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.97:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.98:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:2.99:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.00:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.01:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.02:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.03:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.04:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.05:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.06:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.07:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.08:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.09:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.10:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.11:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.12:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.13:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.14:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.15:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.16:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.17:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.18:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.19:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.20:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.21:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.22:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.23:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.24:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.25:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.26:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.27:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.28:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.29:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.30:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.31:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.32:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.33:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.34:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.35:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.36:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.37:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.38:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.39:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.40:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.41:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.42:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.43:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.44:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.45:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.46:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.47:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.48:*:*:*:*:*:*:*
    • cpe:2.3:a:andy_armstrong:cgi.pm:3.49:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

15

News mentions

0

No linked articles in our index yet.