Lucene search
RootSSV:60221HistoryJun 16, 2012 - 12:00 a.m.
Adobe ColdFusion HTTP响应分离漏洞
2012-06-1600:00:00
Root
www.seebug.org
15
EPSS
0.029
Percentile
90.9%
CVE ID: CVE-2012-2041
Adobe ColdFusion是一个动态Web服务器。
Adobe ColdFusion 8.0至9.0.1版本没有正确过滤某些输入即返回给用户,在实现上存在CRLF注入漏洞,可被利用插入任意HTTP标头,并执行HTTP响应分离攻击。
0
Adobe ColdFusion 9.x
Adobe ColdFusion 8.x
厂商补丁:
Adobe
Adobe已经为此发布了一个安全公告(apsb12-15)以及相应补丁:
apsb12-15:Security update: Hotfix available for ColdFusion 9.0.1 and earlier
链接:http://www.adobe.com/support/security/bulletins/apsb12-15.html
Related
openvas
openvas
Adobe ColdFusion HTTP Response Splitting Vulnerability (APSB12-15)
2012-07-23 00:00:00
cve
cve
CVE-2012-2041
2012-06-13 04:46:46
nessus
nessus
Adobe ColdFusion HTTP Response Splitting (APSB12-15) (credentialed check)
2014-05-27 00:00:00
Adobe ColdFusion HTTP Response Splitting (APSB12-15)
2012-06-26 00:00:00
cvelist
cvelist
CVE-2012-2041
2012-06-13 01:00:00
nvd
nvd
CVE-2012-2041
2012-06-13 04:46:46
prion
prion
Crlf injection
2012-06-13 04:46:00