CVE-2012-0216

Executive Summary

Informations
Name	CVE-2012-0216	First vendor Publication	2012-04-22
Vendor	Cve	Last vendor Modification	2012-08-13

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score	4.4	Attack Range	Local
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	3.4	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0216

CPE : Common Platform Enumeration

Type	Description	Count
Application	Debian apache2 cpe:/a:debian:apache2:2.22-3:sid cpe:/a:debian:apache2:2.2.22-1:wheezy cpe:/a:debian:apache2:2.2.16-6:squeeze6	3

Internal Sources (Detail)

Source	Url
DEBIAN	http://www.debian.org/security/2012/dsa-2452
XF	http://xforce.iss.net/xforce/xfdb/75211

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-10 22:31:59	Multiple Updates

Type	Count
CPE ID(s)	3

Related	Severity
DSA-2452	(Medium)

Facebook rss twitter linkedin mail

CVE-2012-0216

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

CPE : Common Platform Enumeration

Internal Sources (Detail)

Alert History

Global Informations

Open Standards

COMPANY

STANDARDS

RECENT POSTS

MENU