Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-3502
HistoryAug 22, 2012 - 12:00 a.m.

CVE-2012-3502

2012-08-2200:00:00
ubuntu.com
ubuntu.com
8

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

65.7%

JSON

The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module
and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP
Server 2.4.x before 2.4.3 does not properly determine the situations that
require closing a back-end connection, which allows remote attackers to
obtain sensitive information in opportunistic circumstances by reading a
response that was intended for a different client.

Notes

Author Note
sbeattie 2.4.x only

Related

cvelist 1
prion 1
f5 2
httpd 1
openvas 1
debiancve 1
cve 1
threatpost 1
nessus 3
seebug 1
cvelist
cvelist
CVE-2012-3502
2012-08-22 19:00:00
prion
prion
Information disclosure
2012-08-22 19:55:00
f5
f5
SOL17202 - Apache HTTP server vulnerability CVE-2012-3502
2015-08-31 00:00:00
K17202 : Apache HTTP server vulnerability CVE-2012-3502
2015-08-31 00:00:00
httpd
httpd
Apache Httpd < 2.4.3 : Response mixup when using mod_proxy_ajp or mod_proxy_http
2012-08-16 00:00:00
openvas
openvas
Apache HTTP Server Information Disclosure Vulnerability (Aug 2012) - Linux
2021-11-01 00:00:00
debiancve
debiancve
CVE-2012-3502
2012-08-22 19:55:00
cve
cve
CVE-2012-3502
2012-08-22 19:55:00
threatpost
threatpost
Apache Fixes Two Security Flaws in Version 2.4.3
2012-08-21 17:45:56
nessus
nessus
Apache 2.4.x < 2.4.3 Multiple Vulnerabilities
2012-08-23 00:00:00
Apache 2.4.x < 2.4.3 Multiple Vulnerabilities
2019-01-09 00:00:00
Apache 2.4.1, 2.4.2 Multiple Vulnerabilities
2012-08-23 00:00:00
seebug
seebug
Apache 2.4.2 HTTP Server HTML注入和信息泄露漏洞
2012-08-23 00:00:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

65.7%

JSON
Related for UB:CVE-2012-3502
cvelist1prion1f52httpd1openvas1debiancve1cve1threatpost1nessus3seebug1