I think Perl itself isn't vulnerable to the same problem: env variables aren't automatically evaluated, at least not in general; but, I actually wonder whether the usual Perl variables like PERL5LIB, PERL5OPT, LOGDIR, PERL5DB, PERL5SHELL etc. can't be set and misused through CGI.
Also, anything that involves running a shell (open "...|" or "|...", system, exec with non-trivial single string arguments that Perl doesn't know how to handle directly) will probably be exposing the problem in the used shell (probably bash in sh mode) unless the latter is patched. I don't immediately see any such calls in CGI/Application.pm or CGI/Application/Mailform.pm, but don't rely on that, any number of other modules you're using could be running a shell. Upgrade bash to solve that part. Ch.