Mandriva Linux Security Advisory : perl-Dancer (MDVSA-2013:184)
Medium Nessus Plugin ID 67013
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionUpdated perl-Dancer package fixes CVE-2012-5572
A security flaw was found in the way Dancer.pm, lightweight yet powerful web application framework / Perl language module, performed sanitization of values to be used for cookie() and cookies() methods.
A remote attacker could use this flaw to inject arbitrary headers into responses from (Perl) applications, that use Dancer.pm (CVE-2012-5572).
SolutionUpdate the affected perl-Dancer package.