CVE-2012-5486

🗓️ 30 Sep 2014 14:00:00Reported by redhatType

ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19 allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character

Reporter	Title	Published	Views	Family All 33
Tenable Nessus	CentOS 5 : conga (CESA-2014:1194)	1 Oct 201400:00	–	nessus
Tenable Nessus	Oracle Linux 5 : conga (ELSA-2014-1194)	18 Sep 201400:00	–	nessus
Tenable Nessus	RHEL 5 : conga (RHSA-2014:1194)	8 Nov 201400:00	–	nessus
Tenable Nessus	Scientific Linux Security Update : conga on SL5.x i386/x86_64 (20140916)	14 Oct 201400:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2012-5486	4 Mar 202500:00	–	nessus
Cent OS	luci, ricci security update	30 Sep 201411:21	–	centos
Cvelist	CVE-2012-5486	30 Sep 201414:00	–	cvelist
Oracle linux	conga security and bug fix update	17 Sep 201400:00	–	oraclelinux
EUVD	EUVD-2014-0046	7 Oct 202500:30	–	euvd
Github Security Blog	HTTP header injection in Plone and Zope2	23 Jul 201819:51	–	github

NVD

Node

plone ploneRange≤4.2.2

plone ploneMatch1.0

plone ploneMatch1.0.1

plone ploneMatch1.0.2

plone ploneMatch1.0.3

plone ploneMatch1.0.4

plone ploneMatch1.0.5

plone ploneMatch1.0.6

plone ploneMatch2.0

plone ploneMatch2.0.1

plone ploneMatch2.0.2

plone ploneMatch2.0.3

plone ploneMatch2.0.4

plone ploneMatch2.0.5

plone ploneMatch2.1

plone ploneMatch2.1.1

plone ploneMatch2.1.2

plone ploneMatch2.1.3

plone ploneMatch2.1.4

plone ploneMatch2.5

plone ploneMatch2.5.1

plone ploneMatch2.5.2

plone ploneMatch2.5.3

plone ploneMatch2.5.4

plone ploneMatch2.5.5

plone ploneMatch3.0

plone ploneMatch3.0.1

plone ploneMatch3.0.2

plone ploneMatch3.0.3

plone ploneMatch3.0.4

plone ploneMatch3.0.5

plone ploneMatch3.0.6

plone ploneMatch3.1

plone ploneMatch3.1.1

plone ploneMatch3.1.2

plone ploneMatch3.1.3

plone ploneMatch3.1.4

plone ploneMatch3.1.5.1

plone ploneMatch3.1.6

plone ploneMatch3.1.7

plone ploneMatch3.2

plone ploneMatch3.2.1

plone ploneMatch3.2.2

plone ploneMatch3.2.3

plone ploneMatch3.3

plone ploneMatch3.3.1

plone ploneMatch3.3.2

plone ploneMatch3.3.3

plone ploneMatch3.3.4

plone ploneMatch3.3.5

plone ploneMatch4.0

plone ploneMatch4.0.1

plone ploneMatch4.0.2

plone ploneMatch4.0.3

plone ploneMatch4.0.4

plone ploneMatch4.0.5

plone ploneMatch4.0.6.1

plone ploneMatch4.1

plone ploneMatch4.1.4

plone ploneMatch4.1.5

plone ploneMatch4.1.6

plone ploneMatch4.2

plone ploneMatch4.2a1

plone ploneMatch4.2a2

plone ploneMatch4.2b1

plone ploneMatch4.2b2

plone ploneMatch4.2rc1

plone ploneMatch4.2rc2

plone ploneMatch4.2.0.1

plone ploneMatch4.2.1

plone ploneMatch4.2.1.1

plone ploneMatch4.3

Node

zope zopeMatch2.5.1

zope zopeMatch2.6.1

zope zopeMatch2.6.4

zope zopeMatch2.7.0

zope zopeMatch2.7.3

zope zopeMatch2.7.4

zope zopeMatch2.7.5

zope zopeMatch2.7.6

zope zopeMatch2.7.7

zope zopeMatch2.7.8

zope zopeMatch2.8.1

zope zopeMatch2.8.4

zope zopeMatch2.8.6

zope zopeMatch2.8.8

zope zopeMatch2.9.2

zope zopeMatch2.9.3

zope zopeMatch2.9.4

zope zopeMatch2.9.5

zope zopeMatch2.9.6

zope zopeMatch2.9.7

zope zopeMatch2.10.3

zope zopeMatch2.10.8

zope zopeMatch2.11.0

zope zopeMatch2.11.1

zope zopeMatch2.11.2

zope zopeMatch2.11.3

zope zopeMatch2.13.18

Source	Link
plone	www.plone.org/products/plone/security/advisories/20121106/02
plone	www.plone.org/products/plone-hotfix/releases/20121106
rhn	www.rhn.redhat.com/errata/RHSA-2014-1194.html
bugs	www.bugs.launchpad.net/zope2/+bug/930812
openwall	www.openwall.com/lists/oss-security/2012/11/10/1

06 May 2026 22:30Current

6.4Medium risk

Vulners AI Score6.4

CVSS 26.4

EPSS0.00821

cve-2012-5486 nvd zope 2 plone 4.3 beta 1 security vulnerability remote attack