Lucene search
HistorySep 30, 2014 - 2:55 p.m.
CVE-2012-5486
cve-2012-5486
nvd
zope 2
plone 4.3 beta 1
security vulnerability
remote attack
6.3 Medium
AI Score
Confidence
Low
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.012 Low
EPSS
Percentile
84.9%
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.
Related
prion
prion
Code injection
2014-09-30 14:55:00
osv
osv
PYSEC-2014-28
2014-09-30 14:55:00
PYSEC-2014-73
2014-09-30 14:55:00
HTTP header injection in Plone and Zope2
2018-07-23 19:51:50
cvelist
cvelist
CVE-2012-5486
2014-09-30 14:00:00
github
github
HTTP header injection in Plone and Zope2
2018-07-23 19:51:50
nessus
nessus
RHEL 5 : conga (RHSA-2014:1194)
2014-11-08 00:00:00
Oracle Linux 5 : conga (ELSA-2014-1194)
2014-09-18 00:00:00
Scientific Linux Security Update : conga on SL5.x i386/x86_64 (20140916)
2014-10-14 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2014-1194)
2015-10-06 00:00:00
CentOS Update for luci CESA-2014:1194 centos5
2014-10-01 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 05:04:02
Access Restriction Bypass
2019-05-02 05:04:02
centos
centos
luci, ricci security update
2014-09-30 11:21:33
redhat
redhat
(RHSA-2014:1194) Moderate: conga security and bug fix update
2014-09-16 00:00:00
oraclelinux
oraclelinux
conga security and bug fix update
2014-09-17 00:00:00
6.3 Medium
AI Score
Confidence
Low
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.012 Low
EPSS
Percentile
84.9%
Related for CVE-2012-5486