6.4 - CVE-2012-5486

Executive Summary

Informations
Name	CVE-2012-5486	First vendor Publication	2014-09-30
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:P)
Cvss Base Score	6.4	Attack Range	Network
Cvss Impact Score	4.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5486

CPE : Common Platform Enumeration

Type	Description	Count
Application	Plone cpe:2.3:a:plone:plone:4.3:::::::* cpe:2.3:a:plone:plone:4.2a2:::::::* cpe:2.3:a:plone:plone:4.2a1:::::::* cpe:2.3:a:plone:plone:4.2.2:::::::* cpe:2.3:a:plone:plone:4.2.1.1:::::::* cpe:2.3:a:plone:plone:4.2.1:::::::* cpe:2.3:a:plone:plone:4.2.0.1:::::::* cpe:2.3:a:plone:plone:4.2:::::::* cpe:2.3:a:plone:plone:4.2:b2:::::: cpe:2.3:a:plone:plone:4.2:b1:::::: cpe:2.3:a:plone:plone:4.2:a2:::::: cpe:2.3:a:plone:plone:4.2:a1:::::: cpe:2.3:a:plone:plone:4.2:rc2:::::: cpe:2.3:a:plone:plone:4.2:rc1:::::: cpe:2.3:a:plone:plone:4.1.6:::::::* cpe:2.3:a:plone:plone:4.1.5:::::::* cpe:2.3:a:plone:plone:4.1.4:::::::* cpe:2.3:a:plone:plone:4.1.3:::::::* cpe:2.3:a:plone:plone:4.1.2:::::::* cpe:2.3:a:plone:plone:4.1.1:::::::* cpe:2.3:a:plone:plone:4.1:::::::* cpe:2.3:a:plone:plone:4.0.9:::::::* cpe:2.3:a:plone:plone:4.0.8:::::::* cpe:2.3:a:plone:plone:4.0.7:::::::* cpe:2.3:a:plone:plone:4.0.6.1:::::::* cpe:2.3:a:plone:plone:4.0.5:::::::* cpe:2.3:a:plone:plone:4.0.4:::::::* cpe:2.3:a:plone:plone:4.0.3:::::::* cpe:2.3:a:plone:plone:4.0.2:::::::* cpe:2.3:a:plone:plone:4.0.10:::::::* cpe:2.3:a:plone:plone:4.0.1:::::::* cpe:2.3:a:plone:plone:4.0:::::::* cpe:2.3:a:plone:plone:3.3.6:::::::* cpe:2.3:a:plone:plone:3.3.5:::::::* cpe:2.3:a:plone:plone:3.3.4:::::::* cpe:2.3:a:plone:plone:3.3.3:::::::* cpe:2.3:a:plone:plone:3.3.2:::::::* cpe:2.3:a:plone:plone:3.3.1:::::::* cpe:2.3:a:plone:plone:3.3:::::::* cpe:2.3:a:plone:plone:3.2.3:::::::* cpe:2.3:a:plone:plone:3.2.2:::::::* cpe:2.3:a:plone:plone:3.2.1:::::::* cpe:2.3:a:plone:plone:3.2:::::::* cpe:2.3:a:plone:plone:3.1.7:::::::* cpe:2.3:a:plone:plone:3.1.6:::::::* cpe:2.3:a:plone:plone:3.1.5.1:::::::* cpe:2.3:a:plone:plone:3.1.4:::::::* cpe:2.3:a:plone:plone:3.1.3:::::::* cpe:2.3:a:plone:plone:3.1.2:::::::* cpe:2.3:a:plone:plone:3.1.1:::::::* cpe:2.3:a:plone:plone:3.1:::::::* cpe:2.3:a:plone:plone:3.0.6:::::::* cpe:2.3:a:plone:plone:3.0.5:::::::* cpe:2.3:a:plone:plone:3.0.4:::::::* cpe:2.3:a:plone:plone:3.0.3:::::::* cpe:2.3:a:plone:plone:3.0.2:::::::* cpe:2.3:a:plone:plone:3.0.1:::::::* cpe:2.3:a:plone:plone:3.0:::::::* cpe:2.3:a:plone:plone:2.5.5:::::::* cpe:2.3:a:plone:plone:2.5.4:::::::* cpe:2.3:a:plone:plone:2.5.3:::::::* cpe:2.3:a:plone:plone:2.5.2:::::::* cpe:2.3:a:plone:plone:2.5.1_rc:::::::* cpe:2.3:a:plone:plone:2.5.1:::::::* cpe:2.3:a:plone:plone:2.5_beta1:::::::* cpe:2.3:a:plone:plone:2.5:::::::* cpe:2.3:a:plone:plone:2.1.4:::::::* cpe:2.3:a:plone:plone:2.1.3:::::::* cpe:2.3:a:plone:plone:2.1.2:::::::* cpe:2.3:a:plone:plone:2.1.1:::::::* cpe:2.3:a:plone:plone:2.1:::::::* cpe:2.3:a:plone:plone:2.0.5:::::::* cpe:2.3:a:plone:plone:2.0.4:::::::* cpe:2.3:a:plone:plone:2.0.3:::::::* cpe:2.3:a:plone:plone:2.0.2:::::::* cpe:2.3:a:plone:plone:2.0.1:::::::* cpe:2.3:a:plone:plone:2.0:::::::* cpe:2.3:a:plone:plone:1.0.6:::::::* cpe:2.3:a:plone:plone:1.0.5:::::::* cpe:2.3:a:plone:plone:1.0.4:::::::* cpe:2.3:a:plone:plone:1.0.3:::::::* cpe:2.3:a:plone:plone:1.0.2:::::::* cpe:2.3:a:plone:plone:1.0.1:::::::* cpe:2.3:a:plone:plone:1.0:::::::* cpe:2.3:a:plone:plone::::::::	85
Application	Zope cpe:2.3:a:zope:zope:2.9.7:::::::* cpe:2.3:a:zope:zope:2.9.6:::::::* cpe:2.3:a:zope:zope:2.9.5:::::::* cpe:2.3:a:zope:zope:2.9.4:::::::* cpe:2.3:a:zope:zope:2.9.3:::::::* cpe:2.3:a:zope:zope:2.9.2:::::::* cpe:2.3:a:zope:zope:2.8.8:::::::* cpe:2.3:a:zope:zope:2.8.6:::::::* cpe:2.3:a:zope:zope:2.8.4:::::::* cpe:2.3:a:zope:zope:2.8.1:-:::::: cpe:2.3:a:zope:zope:2.7.8:::::::* cpe:2.3:a:zope:zope:2.7.7:::::::* cpe:2.3:a:zope:zope:2.7.6:::::::* cpe:2.3:a:zope:zope:2.7.5:::::::* cpe:2.3:a:zope:zope:2.7.4:::::::* cpe:2.3:a:zope:zope:2.7.3:::::::* cpe:2.3:a:zope:zope:2.7.0:::::::* cpe:2.3:a:zope:zope:2.6.4:::::::* cpe:2.3:a:zope:zope:2.6.1:::::::* cpe:2.3:a:zope:zope:2.5.1:::::::* cpe:2.3:a:zope:zope:2.13.18:::::::* cpe:2.3:a:zope:zope:2.11.3:::::::* cpe:2.3:a:zope:zope:2.11.2:::::::* cpe:2.3:a:zope:zope:2.11.1:::::::* cpe:2.3:a:zope:zope:2.11.0:-:::::: cpe:2.3:a:zope:zope:2.10.8:::::::* cpe:2.3:a:zope:zope:2.10.3:::::::*	27

Nessus® Vulnerability Scanner

Date	Description
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1194.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140916_conga_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-10-01	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1194.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1194.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://rhn.redhat.com/errata/RHSA-2014-1194.html
http://www.openwall.com/lists/oss-security/2012/11/10/1
https://bugs.launchpad.net/zope2/+bug/930812
https://plone.org/products/plone-hotfix/releases/20121106
https://plone.org/products/plone/security/advisories/20121106/02

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 22:51:40	Multiple Updates
2024-11-28 12:32:21	Multiple Updates
2024-08-02 12:21:45	Multiple Updates
2024-08-02 01:06:22	Multiple Updates
2024-02-02 01:21:06	Multiple Updates
2024-02-01 12:06:12	Multiple Updates
2023-09-05 12:19:56	Multiple Updates
2023-09-05 01:06:06	Multiple Updates
2023-09-02 12:19:58	Multiple Updates
2023-09-02 01:06:11	Multiple Updates
2023-08-12 12:23:57	Multiple Updates
2023-08-12 01:06:13	Multiple Updates
2023-08-11 12:20:06	Multiple Updates
2023-08-11 01:06:23	Multiple Updates
2023-08-06 12:19:21	Multiple Updates
2023-08-06 01:06:13	Multiple Updates
2023-08-04 12:19:24	Multiple Updates
2023-08-04 01:06:16	Multiple Updates
2023-07-14 12:19:23	Multiple Updates
2023-07-14 01:06:10	Multiple Updates
2023-03-29 01:21:21	Multiple Updates
2023-03-28 12:06:18	Multiple Updates
2023-02-13 09:28:10	Multiple Updates
2023-02-02 21:28:32	Multiple Updates
2022-10-11 12:17:19	Multiple Updates
2022-10-11 01:05:54	Multiple Updates
2021-05-05 01:11:35	Multiple Updates
2021-05-04 12:22:33	Multiple Updates
2021-04-22 01:26:57	Multiple Updates
2020-05-23 01:50:16	Multiple Updates
2020-05-23 00:35:15	Multiple Updates
2017-02-11 12:01:02	Multiple Updates
2016-06-28 22:09:27	Multiple Updates
2014-11-08 13:30:22	Multiple Updates
2014-10-16 13:25:09	Multiple Updates
2014-10-11 13:26:15	Multiple Updates
2014-10-10 09:24:06	Multiple Updates
2014-10-03 00:23:04	Multiple Updates
2014-10-02 09:23:19	Multiple Updates
2014-10-01 00:26:58	First insertion

Global Informations

Type	Count
CPE ID(s)	112
Sources(s)	5
Nessus® Exploit(s)	4

	Related
6.8	RHSA-2014:1194
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

6.4 - CVE-2012-5486

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CPE : Common Platform Enumeration

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU