Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

CVE-2012-5486

Severity Medium
Score 6.4/10

Summary

ZPublisher.HTTPResponse._scrubHeader in Zope 2 before 2.12.26 and 2.13.x before 2.13.19, as used in Plone before 4.2.2 and 4.3.x before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.

  • LOW
  • NETWORK
  • NONE
  • PARTIAL
  • NONE
  • PARTIAL

CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

The software receives data from an HTTP agent/component (e.g., web server, proxy, browser, etc.), but it does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.
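The following is an added illustration of the weakness class described above; it is not Zope's own `_scrubHeader` code and is not intended to reproduce it. It contrasts a scrubber that only strips the two-byte CRLF pair (so a bare LF, the case named in the summary, survives) with one that removes any CR or LF, plus a strict variant that rejects tainted values instead of repairing them. The header block rendering, the line counter, and the sample value `TAINTED` are all constructed for the example.

```python
import re

# Constructed "weak" scrubber (assumption for illustration, not Zope's code):
# only the exact CRLF pair is removed, so a lone LF passes through untouched.
_CRLF_PAIR_ONLY = re.compile(r"\r\n")


def scrub_header_crlf_pair_only(value):
    """Weak scrubber: neutralizes only the two-byte CRLF sequence."""
    return _CRLF_PAIR_ONLY.sub("", str(value))


# Hardened scrubber: any CR or LF, alone or in any combination, is removed,
# so the value can never extend beyond the single header line it belongs to.
_ANY_CR_OR_LF = re.compile(r"[\r\n]+")


def scrub_header(value):
    """Hardened scrubber: strips every CR and LF from a header value."""
    return _ANY_CR_OR_LF.sub("", str(value))


def is_clean_header_value(value):
    """True when the value contains neither CR nor LF."""
    value = str(value)
    return "\r" not in value and "\n" not in value


class HeaderInjectionError(ValueError):
    """Raised by the strict variant when a header would span extra lines."""


def require_clean_header(name, value):
    """Strict variant: refuse CR/LF in either the name or the value rather
    than silently repairing it, so the caller learns about tainted input."""
    for field, label in ((name, "name"), (value, "value")):
        if not is_clean_header_value(field):
            raise HeaderInjectionError("CR/LF in header %s: %r" % (label, field))
    return name, value


def render_headers(headers, scrub=scrub_header):
    """Serialize (name, value) pairs as an HTTP/1.1 header block, passing each
    value through the given scrubber before it is emitted."""
    lines = ["%s: %s" % (name, scrub(value)) for name, value in headers]
    return ("\r\n".join(lines) + "\r\n\r\n").encode("latin-1")


def header_line_count(block):
    """Count header lines the way a lenient parser would: split on LF and
    tolerate a missing CR. More lines than headers means a value split one."""
    body = block.rstrip(b"\r\n")
    return len([ln for ln in body.split(b"\n") if ln.strip(b"\r")])


# Constructed sample: a redirect target carrying a bare LF and a second
# header name, the shape of input the CWE description is about.
TAINTED = "/home\nX-Injected: 1"

if __name__ == "__main__":
    weak = render_headers([("Location", TAINTED)], scrub_header_crlf_pair_only)
    hard = render_headers([("Location", TAINTED)], scrub_header)
    print("weak scrubber produced %d header line(s)" % header_line_count(weak))
    print("hardened scrubber produced %d header line(s)" % header_line_count(hard))
    print("strict check accepts tainted value:", is_clean_header_value(TAINTED))
```

Running the block shows the weak scrubber emitting two header lines from a single `Location` value while the hardened one emits one. When an application can afford to fail the request, the strict `require_clean_header` form is preferable to silent stripping, because it surfaces the tainted input where it can be logged and investigated.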

Advisory Timeline

  • Published