Lucene search
IbmCVE-2012-3301HistoryAug 21, 2012 - 10:46 a.m.
CVE-2012-3301
2012-08-2110:46:10
CWE-20
ibm
web.nvd.nist.gov
22
ibm
lotus domino
http server
crlf injection
vulnerabilities
cve-2012-3301
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
7
Confidence
Low
EPSS
0.002
Percentile
56.6%
Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input involving (1) Mozilla Firefox 3.0.9 and earlier or (2) unspecified browsers.
Affected configurations
Node
ibmlotus_dominoMatch8.5.0
ORibmlotus_dominoMatch8.5.0.1
ORibmlotus_dominoMatch8.5.1.1
ORibmlotus_dominoMatch8.5.1.2
ORibmlotus_dominoMatch8.5.1.3
ORibmlotus_dominoMatch8.5.1.4
ORibmlotus_dominoMatch8.5.1.5
ORibmlotus_dominoMatch8.5.2.0
ORibmlotus_dominoMatch8.5.2.1
ORibmlotus_dominoMatch8.5.2.2
ORibmlotus_dominoMatch8.5.2.3
ORibmlotus_dominoMatch8.5.2.4
ORibmlotus_dominoMatch8.5.3.0
ORibmlotus_dominoMatch8.5.3.1
ORibmlotus_dominoMatch8.5.3.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | lotus_domino | 8.5.0 | cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.0.1 | cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.1 | cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.2 | cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.3 | cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.4 | cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.5 | cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.2.0 | cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.2.1 | cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.2.2 | cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:* |
Related
prion
prion
Crlf injection
2012-08-21 10:46:00
securityvulns
securityvulns
HTTP Response Splitting and XSS vulnerabilities in IBM Lotus Domino
2012-09-09 00:00:00
IBM Lotus Domino crossite scripting
2013-04-01 00:00:00
nvd
nvd
CVE-2012-3301
2012-08-21 10:46:10
cvelist
cvelist
CVE-2012-3301
2012-08-21 10:00:00
seebug
seebug
IBM Lotus Domino HTTPεεΊε离εθ·¨η«θζ¬ζ§θ‘ζΌζ΄
2012-08-21 00:00:00
IBM Lotus Domino 8.5.3 XSS / HTTP Response Splitting
2012-09-04 00:00:00
openvas
openvas
IBM Lotus Domino HTTP Server Multiple Vulnerabilities
2013-03-27 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
7
Confidence
Low
EPSS
0.002
Percentile
56.6%
Related for CVE-2012-3301