Intrusion Prevention



It indicates an attacker attempted to exploit a bug in CVSForm and execute unauthorized commmands. CSVForm is a Perl cgi used to format cgi input into a comma separated text file. The script fails to properly validate user supplied input given as the file to open. A malicious attacker can leverage this to execute script commands against the system.

Affected Products

Mutasem Abudahab CSVFormPlus 1.0 and Mutasem Abudahab CSVForm 0.1


Compromise of the affected system.

Recommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.

CVE References