Lucene search
HistoryAug 21, 2012 - 10:46 a.m.
CVE-2012-3301
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.002
Percentile
56.6%
Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input involving (1) Mozilla Firefox 3.0.9 and earlier or (2) unspecified browsers.
Affected configurations
Node
ibmlotus_dominoMatch8.5.0
ORibmlotus_dominoMatch8.5.0.1
ORibmlotus_dominoMatch8.5.1.1
ORibmlotus_dominoMatch8.5.1.2
ORibmlotus_dominoMatch8.5.1.3
ORibmlotus_dominoMatch8.5.1.4
ORibmlotus_dominoMatch8.5.1.5
ORibmlotus_dominoMatch8.5.2.0
ORibmlotus_dominoMatch8.5.2.1
ORibmlotus_dominoMatch8.5.2.2
ORibmlotus_dominoMatch8.5.2.3
ORibmlotus_dominoMatch8.5.2.4
ORibmlotus_dominoMatch8.5.3.0
ORibmlotus_dominoMatch8.5.3.1
ORibmlotus_dominoMatch8.5.3.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | lotus_domino | 8.5.0 | cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.0.1 | cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.1 | cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.2 | cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.3 | cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.4 | cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.5 | cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.2.0 | cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.2.1 | cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.2.2 | cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:* |
Related
prion
prion
Crlf injection
2012-08-21 10:46:00
securityvulns
securityvulns
HTTP Response Splitting and XSS vulnerabilities in IBM Lotus Domino
2012-09-09 00:00:00
IBM Lotus Domino Cross-Site Scripting and HTTP Response Splitting vulnerabilities
2012-09-02 00:00:00
IBM Lotus Domino crossite scripting
2013-04-01 00:00:00
cvelist
cvelist
CVE-2012-3301
2012-08-21 10:00:00
cve
cve
CVE-2012-3301
2012-08-21 10:46:10
seebug
seebug
IBM Lotus Domino HTTPεεΊε离εθ·¨η«θζ¬ζ§θ‘ζΌζ΄
2012-08-21 00:00:00
IBM Lotus Domino 8.5.3 XSS / HTTP Response Splitting
2012-09-04 00:00:00
openvas
openvas
IBM Lotus Domino HTTP Server Multiple Vulnerabilities
2013-03-27 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.002
Percentile
56.6%
Related for NVD:CVE-2012-3301