CVE Vulnerabilities

CVE-2012-5486

Published: Sep 30, 2014 | Modified: Feb 13, 2023
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 6.4 MEDIUM (AV:N/AC:L/Au:N/C:N/I:P/A:P)
RedHat/V2: 4.3 MODERATE (AV:N/AC:M/Au:N/C:N/I:P/A:N)
RedHat/V3
Ubuntu

ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.

Affected Software

Name | Vendor | Start Version | End Version
Plone | Plone | * | 4.2.2 (including)
Plone | Plone | 1.0 (including) | 1.0 (including)
Plone | Plone | 1.0.1 (including) | 1.0.1 (including)
Plone | Plone | 1.0.2 (including) | 1.0.2 (including)
Plone | Plone | 1.0.3 (including) | 1.0.3 (including)
Plone | Plone | 1.0.4 (including) | 1.0.4 (including)
Plone | Plone | 1.0.5 (including) | 1.0.5 (including)
Plone | Plone | 1.0.6 (including) | 1.0.6 (including)
Plone | Plone | 2.0 (including) | 2.0 (including)
Plone | Plone | 2.0.1 (including) | 2.0.1 (including)
Plone | Plone | 2.0.2 (including) | 2.0.2 (including)
Plone | Plone | 2.0.3 (including) | 2.0.3 (including)
Plone | Plone | 2.0.4 (including) | 2.0.4 (including)
Plone | Plone | 2.0.5 (including) | 2.0.5 (including)
Plone | Plone | 2.1 (including) | 2.1 (including)
Plone | Plone | 2.1.1 (including) | 2.1.1 (including)
Plone | Plone | 2.1.2 (including) | 2.1.2 (including)
Plone | Plone | 2.1.3 (including) | 2.1.3 (including)
Plone | Plone | 2.1.4 (including) | 2.1.4 (including)
Plone | Plone | 2.5 (including) | 2.5 (including)
Plone | Plone | 2.5.1 (including) | 2.5.1 (including)
Plone | Plone | 2.5.2 (including) | 2.5.2 (including)
Plone | Plone | 2.5.3 (including) | 2.5.3 (including)
Plone | Plone | 2.5.4 (including) | 2.5.4 (including)
Plone | Plone | 2.5.5 (including) | 2.5.5 (including)
Plone | Plone | 3.0 (including) | 3.0 (including)
Plone | Plone | 3.0.1 (including) | 3.0.1 (including)
Plone | Plone | 3.0.2 (including) | 3.0.2 (including)
Plone | Plone | 3.0.3 (including) | 3.0.3 (including)
Plone | Plone | 3.0.4 (including) | 3.0.4 (including)
Plone | Plone | 3.0.5 (including) | 3.0.5 (including)
Plone | Plone | 3.0.6 (including) | 3.0.6 (including)
Plone | Plone | 3.1 (including) | 3.1 (including)
Plone | Plone | 3.1.1 (including) | 3.1.1 (including)
Plone | Plone | 3.1.2 (including) | 3.1.2 (including)
Plone | Plone | 3.1.3 (including) | 3.1.3 (including)
Plone | Plone | 3.1.4 (including) | 3.1.4 (including)
Plone | Plone | 3.1.5.1 (including) | 3.1.5.1 (including)
Plone | Plone | 3.1.6 (including) | 3.1.6 (including)
Plone | Plone | 3.1.7 (including) | 3.1.7 (including)
Plone | Plone | 3.2 (including) | 3.2 (including)
Plone | Plone | 3.2.1 (including) | 3.2.1 (including)
Plone | Plone | 3.2.2 (including) | 3.2.2 (including)
Plone | Plone | 3.2.3 (including) | 3.2.3 (including)
Plone | Plone | 3.3 (including) | 3.3 (including)
Plone | Plone | 3.3.1 (including) | 3.3.1 (including)
Plone | Plone | 3.3.2 (including) | 3.3.2 (including)
Plone | Plone | 3.3.3 (including) | 3.3.3 (including)
Plone | Plone | 3.3.4 (including) | 3.3.4 (including)
Plone | Plone | 3.3.5 (including) | 3.3.5 (including)
Plone | Plone | 4.0 (including) | 4.0 (including)
Plone | Plone | 4.0.1 (including) | 4.0.1 (including)
Plone | Plone | 4.0.2 (including) | 4.0.2 (including)
Plone | Plone | 4.0.3 (including) | 4.0.3 (including)
Plone | Plone | 4.0.4 (including) | 4.0.4 (including)
Plone | Plone | 4.0.5 (including) | 4.0.5 (including)
Plone | Plone | 4.0.6.1 (including) | 4.0.6.1 (including)
Plone | Plone | 4.1 (including) | 4.1 (including)
Plone | Plone | 4.1.4 (including) | 4.1.4 (including)
Plone | Plone | 4.1.5 (including) | 4.1.5 (including)
Plone | Plone | 4.1.6 (including) | 4.1.6 (including)
Plone | Plone | 4.2 (including) | 4.2 (including)
Plone | Plone | 4.2-a1 (including) | 4.2-a1 (including)
Plone | Plone | 4.2-a2 (including) | 4.2-a2 (including)
Plone | Plone | 4.2-b1 (including) | 4.2-b1 (including)
Plone | Plone | 4.2-b2 (including) | 4.2-b2 (including)
Plone | Plone | 4.2-rc1 (including) | 4.2-rc1 (including)
Plone | Plone | 4.2-rc2 (including) | 4.2-rc2 (including)
Plone | Plone | 4.2.0.1 (including) | 4.2.0.1 (including)
Plone | Plone | 4.2.1 (including) | 4.2.1 (including)
Plone | Plone | 4.2.1.1 (including) | 4.2.1.1 (including)
Plone | Plone | 4.3 (including) | 4.3 (including)
Red Hat Enterprise Linux 5 | RedHat | conga-0:0.12.2-81.el5 | *

References