2.6 - CVE-2012-2687

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	CVE-2012-2687	First vendor Publication	2012-08-22
Vendor	Cve	Last vendor Modification	2023-11-07

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:N/I:P/A:N)
Cvss Base Score	2.6	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	High
Cvss Expoit Score	4.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18832

Oval ID:	oval:org.mitre.oval:def:18832
Title:	HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary Code and other vulnerabilities
Description:	Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-2687	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02866 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests hpuxws22APCH32.APACHE version is less than B.2.2.15.15 AND hpuxws22APCH32.APACHE2 version is less than B.2.2.15.15 AND hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.15 AND hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.15 AND hpuxws22APCH32.MOD_JK version is less than B.2.2.15.15 AND hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.15 AND hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.15 AND hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.15 AND hpuxws22APCH32.PHP version is less than B.2.2.15.15 AND hpuxws22APCH32.PHP2 version is less than B.2.2.15.15 AND hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.15 AND hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.15 OR Criteria meets HP Security Bulletin HPSBUX02866 HP-UX B.11.31 AND hpuxws22TOMCAT.TOMCAT version is less than C.6.0.36.01 OR Criteria meets HP Security Bulletin HPSBUX02866 HP-UX B.11.31 AND hpuxws22TOMCAT.TOMCAT version is less than D.7.0.35.01

Definition Id: oval:org.mitre.oval:def:19539

Oval ID:	oval:org.mitre.oval:def:19539
Title:	HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Cross Site Scripting (XSS)
Description:	Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-2687	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
HP-UX B.11.31 AND hpuxws22TOMCAT.TOMCAT version is less than D.7.0.35.01

Definition Id: oval:org.mitre.oval:def:21017

Oval ID:	oval:org.mitre.oval:def:21017
Title:	RHSA-2013:0130: httpd security, bug fix, and enhancement update (Low)
Description:	Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0130-00 CESA-2013:0130 CVE-2008-0455 CVE-2008-0456 CVE-2012-2687	Version:	45
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	httpd
Definition Synopsis:
Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND Packages section httpd-manual is earlier than 0:2.2.3-74.el5 AND httpd is earlier than 0:2.2.3-74.el5 AND httpd-devel is earlier than 0:2.2.3-74.el5 AND mod_ssl is earlier than 0:2.2.3-74.el5 OR Centos 5 section CentOS Linux 5.x AND Packages section httpd-manual is earlier than 0:2.2.3-74.el5.centos AND httpd is earlier than 0:2.2.3-74.el5.centos AND httpd-devel is earlier than 0:2.2.3-74.el5.centos AND mod_ssl is earlier than 0:2.2.3-74.el5.centos

Definition Id: oval:org.mitre.oval:def:23042

Oval ID:	oval:org.mitre.oval:def:23042
Title:	ELSA-2013:0130: httpd security, bug fix, and enhancement update (Low)
Description:	Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0130-00 CVE-2008-0455 CVE-2008-0456 CVE-2012-2687	Version:	17
Platform(s):	Oracle Linux 5	Product(s):	httpd
Definition Synopsis:
Oracle Linux 5.x rpm test httpd-manual is earlier than 0:2.2.3-74.el5 AND httpd is earlier than 0:2.2.3-74.el5 AND httpd-devel is earlier than 0:2.2.3-74.el5 AND mod_ssl is earlier than 0:2.2.3-74.el5

Definition Id: oval:org.mitre.oval:def:26266

Oval ID:	oval:org.mitre.oval:def:26266
Title:	SUSE-SU-2013:0387-1 -- Security update for apache2
Description:	This update fixes the following security issues with apache2 httpd: * Improper LD_LIBRARY_PATH handling (CVE-2012-0883 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883 > ) * Filename escaping problem (CVE-2012-2687 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687 > ) Additionally, some non-security bugs have been fixed as enumerated in the changelog of the RPM.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0387-1 CVE-2012-0883 CVE-2012-2687	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):	apache2
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed Packages match section apache2 RPM is earlier than 0:2.2.3-16.46.1 AND apache2-devel RPM is earlier than 0:2.2.3-16.46.1 AND apache2-doc RPM is earlier than 0:2.2.3-16.46.1 AND apache2-example-pages RPM is earlier than 0:2.2.3-16.46.1 AND apache2-prefork RPM is earlier than 0:2.2.3-16.46.1 AND apache2-worker RPM is earlier than 0:2.2.3-16.46.1

Definition Id: oval:org.mitre.oval:def:27403

Oval ID:	oval:org.mitre.oval:def:27403
Title:	DEPRECATED: ELSA-2013-0130 -- httpd security, bug fix, and enhancement update (low)
Description:	[2.2.3-74.0.1.el5] - fix mod_ssl always performing full renegotiation (Joe Jin) [orabug 12423387] - replace index.html with Oracle's index page oracle_index.html - update vstring and distro in specfile [2.2.3-74] - further %post scriptlet fix (#752618, #867736)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0130 CVE-2008-0455 CVE-2008-0456 CVE-2012-2687	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	httpd
Definition Synopsis:
Oracle Linux 5.x Packages match section httpd is earlier than 0:2.2.3-74.0.1.el5 AND httpd-devel is earlier than 0:2.2.3-74.0.1.el5 AND httpd-manual is earlier than 0:2.2.3-74.0.1.el5 AND mod_ssl is earlier than 0:2.2.3-74.0.1.el5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Apache Http Server cpe:2.3:a:apache:http_server:2.4.2:::::::* cpe:2.3:a:apache:http_server:2.4.1:::::::* cpe:2.3:a:apache:http_server:2.4.0:::::::* cpe:2.3:a:apache:http_server:2.2.9:::::::* cpe:2.3:a:apache:http_server:2.2.8:::::::* cpe:2.3:a:apache:http_server:2.2.6:::::::* cpe:2.3:a:apache:http_server:2.2.4:::::::* cpe:2.3:a:apache:http_server:2.2.3:::::::* cpe:2.3:a:apache:http_server:2.2.23:::::::* cpe:2.3:a:apache:http_server:2.2.22:::::::* cpe:2.3:a:apache:http_server:2.2.21:::::::* cpe:2.3:a:apache:http_server:2.2.20:::::::* cpe:2.3:a:apache:http_server:2.2.2:::::::* cpe:2.3:a:apache:http_server:2.2.19:::::::* cpe:2.3:a:apache:http_server:2.2.18:::::::* cpe:2.3:a:apache:http_server:2.2.17:::::::* cpe:2.3:a:apache:http_server:2.2.16:::::::* cpe:2.3:a:apache:http_server:2.2.15:::::::* cpe:2.3:a:apache:http_server:2.2.14:::::::* cpe:2.3:a:apache:http_server:2.2.13:::::::* cpe:2.3:a:apache:http_server:2.2.12:::::::* cpe:2.3:a:apache:http_server:2.2.11:::::::* cpe:2.3:a:apache:http_server:2.2.10:::::::* cpe:2.3:a:apache:http_server:2.2.1:::::::* cpe:2.3:a:apache:http_server:2.2.0:::::::*	25

OpenVAS Exploits

Date	Description
2012-11-26	Name : FreeBSD Ports: apache22 File : nvt/freebsd_apache22.nasl
2012-11-09	Name : Ubuntu Update for apache2 USN-1627-1 File : nvt/gb_ubuntu_USN_1627_1.nasl
2012-10-03	Name : Mandriva Update for apache MDVSA-2012:154-1 (apache) File : nvt/gb_mandriva_MDVSA_2012_154_1.nasl

Information Assurance Vulnerability Management (IAVM)

Date	Description
2015-07-16	IAVM : 2015-A-0149 - Multiple Vulnerabilities in Juniper Networks and Security Manager(NSM) Appliance Severity : Category I - VMSKEY : V0061101

Nessus® Vulnerability Scanner

Date	Description
2015-07-20	Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_jsa10685_cred.nasl - Type : ACT_GATHER_INFO
2015-07-20	Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_jsa10685.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0469-1.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0387-1.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_apache_20130129.nasl - Type : ACT_GATHER_INFO
2014-12-16	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-770.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15901.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-308.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-80.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-81.nasl - Type : ACT_GATHER_INFO
2013-09-13	Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_8_5.nasl - Type : ACT_GATHER_INFO
2013-09-13	Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2013-004.nasl - Type : ACT_GATHER_INFO
2013-08-11	Name : The remote web server may be affected by multiple vulnerabilities. File : oracle_http_server_cpu_jul_2013.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0130.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0512.nasl - Type : ACT_GATHER_INFO
2013-03-10	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0512.nasl - Type : ACT_GATHER_INFO
2013-03-05	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-130225.nasl - Type : ACT_GATHER_INFO
2013-03-05	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-8443.nasl - Type : ACT_GATHER_INFO
2013-03-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130221_httpd_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0512.nasl - Type : ACT_GATHER_INFO
2013-02-13	Name : The remote Fedora host is missing a security update. File : fedora_2013-1661.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1592.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1591.nasl - Type : ACT_GATHER_INFO
2013-01-17	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130108_httpd_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-01-17	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0130.nasl - Type : ACT_GATHER_INFO
2013-01-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0130.nasl - Type : ACT_GATHER_INFO
2012-11-09	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1627-1.nasl - Type : ACT_GATHER_INFO
2012-11-05	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_65539c54251711e2b9d620cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2012-10-02	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-154.nasl - Type : ACT_GATHER_INFO
2012-09-14	Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_2_23.nasl - Type : ACT_GATHER_INFO
2012-08-23	Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_4_3.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
AIXAPAR	http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003...
APPLE	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
BID	http://www.securityfocus.com/bid/55131
CONFIRM	http://httpd.apache.org/security/vulnerabilities_24.html http://support.apple.com/kb/HT5880 http://www.apache.org/dist/httpd/CHANGES_2.4.3 http://www.fujitsu.com/global/support/software/security/products-f/interstage... http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/...
HP	http://marc.info/?l=bugtraq&m=136612293908376&w=2
OVAL	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova... https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT	http://rhn.redhat.com/errata/RHSA-2012-1591.html http://rhn.redhat.com/errata/RHSA-2012-1592.html http://rhn.redhat.com/errata/RHSA-2012-1594.html http://rhn.redhat.com/errata/RHSA-2013-0130.html
SECUNIA	http://secunia.com/advisories/50894 http://secunia.com/advisories/51607
SUSE	http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html
UBUNTU	http://www.ubuntu.com/usn/USN-1627-1

Alert History

If you want to see full details history, please login or register.

Date	Informations
2023-11-07 21:46:50	Multiple Updates
2021-06-06 17:23:01	Multiple Updates
2021-06-03 13:23:12	Multiple Updates
2021-05-04 12:21:03	Multiple Updates
2021-04-22 01:25:10	Multiple Updates
2021-03-30 17:22:48	Multiple Updates
2020-05-23 00:33:42	Multiple Updates
2019-08-17 12:01:04	Multiple Updates
2017-09-19 09:25:17	Multiple Updates
2016-12-08 09:23:25	Multiple Updates
2016-08-23 09:24:47	Multiple Updates
2016-04-26 21:51:30	Multiple Updates
2015-10-18 17:22:16	Multiple Updates
2015-07-24 13:29:01	Multiple Updates
2015-05-21 13:29:29	Multiple Updates
2015-01-21 13:25:34	Multiple Updates
2014-12-17 13:25:17	Multiple Updates
2014-12-16 13:24:53	Multiple Updates
2014-06-14 13:32:57	Multiple Updates
2014-02-17 11:10:38	Multiple Updates
2013-12-05 17:19:11	Multiple Updates
2013-09-18 13:19:33	Multiple Updates
2013-07-17 21:18:46	Multiple Updates
2013-06-21 13:19:15	Multiple Updates
2013-05-30 13:23:12	Multiple Updates
2013-05-10 22:40:02	Multiple Updates
2013-04-19 13:20:44	Multiple Updates
2013-02-07 13:20:07	Multiple Updates
2013-01-08 13:22:15	Multiple Updates
2012-12-21 13:20:23	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	6
CPE ID(s)	25
Sources(s)	42
Openvas Exploit(s)	3
IAVM(s)	1
Nessus® Exploit(s)	31

	Related
7.5	CVE-2021-31618
6.9	MDVSA-2012:154-1
6.9	MDVSA-2012:154
5.5	CVE-2020-13938
5	RHSA-2013:0512
5	HPSBUX02866 SSR...
4.3	RHSA-2013:0130
2.6	USN-1627-1
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 8 more Alert(s)