Lucene search
Japan Vulnerability NotesJVN:39563771HistoryNov 02, 2012 - 12:00 a.m.
JVN#39563771: Pebble vulnerable to HTTP header injection
2012-11-0200:00:00
Japan Vulnerability Notes
jvn.jp
22
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
60.0%
Pebble is an open source weblog system. Pebble contains an HTTP header injection vulnerability.
Impact
Forged information may be displayed on the userβs web browser, arbitrary scripts may be executed or arbitrary values may be set for cookies.
Solution
Update the software
Update to the latest version according to the information provided by the developer.
Products Affected
- Pebble versions prior to 2.6.4
Related
prion
prion
Crlf injection
2012-11-08 11:46:00
cve
cve
CVE-2012-4023
2012-11-08 11:46:24
cvelist
cvelist
CVE-2012-4023
2012-11-08 11:00:00
nvd
nvd
CVE-2012-4023
2012-11-08 11:46:24
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
60.0%
Related for JVN:39563771