Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4023

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-4023
Last Modified 02 Feb 2013 12:07:30
Published 08 Nov 2012 06:46:24
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4023

Summary

CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Vulnerable Systems

Application

  • Simon Brown Pebble 1.0

  • Simon Brown Pebble 1.1

  • Simon Brown Pebble 1.2

  • Simon Brown Pebble 1.3

  • Simon Brown Pebble 1.4

  • Simon Brown Pebble 1.4.1

  • Simon Brown Pebble 1.4.2

  • Simon Brown Pebble 1.5

  • Simon Brown Pebble 1.5.1

  • Simon Brown Pebble 1.6

  • Simon Brown Pebble 1.7

  • Simon Brown Pebble 1.7.1

  • Simon Brown Pebble 1.7.2

  • Simon Brown Pebble 1.8

  • Simon Brown Pebble 1.9

  • Simon Brown Pebble 2.0

  • Simon Brown Pebble 2.0.0

  • Simon Brown Pebble 2.0.1

  • Simon Brown Pebble 2.1

  • Simon Brown Pebble 2.2

  • Simon Brown Pebble 2.3

  • Simon Brown Pebble 2.3.1

  • Simon Brown Pebble 2.3.2

  • Simon Brown Pebble 2.4

  • Simon Brown Pebble 2.5

  • Simon Brown Pebble 2.5.1

  • Simon Brown Pebble 2.5.2

  • Simon Brown Pebble 2.5.3

  • Simon Brown Pebble 2.6

  • Simon Brown Pebble 2.6.1

  • Simon Brown Pebble 2.6.2

  • Simon Brown Pebble 2.6.3


References

JVNDB - JVNDB-2012-000099

JVN - JVN#39563771

SECUNIA - 51102


Last Updated: 27 May 2016 10:53:44