Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CVE-2012-5486
Summary
ZPublisher.HTTPResponse._scrubHeader in Zope 2 before 2.12.26 and 2.13.x before 2.13.19, as used in Plone before 4.2.2 and 4.3.x before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.
- LOW
- NETWORK
- NONE
- PARTIAL
- NONE
- PARTIAL
CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
The software receives data from an HTTP agent/component (e.g., web server, proxy, browser, etc.), but it does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.
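Added example, not Zope's or Plone's code: a constructed Python model of the defect class in the summary above, a header scrub that neutralizes CRLF pairs but lets a bare LF through, beside a hardened variant that rejects any CR or LF; the client-side line count shows how one tainted value becomes two header lines. All names and the sample input are constructed for illustration.

```python
import re

# Constructed model of a response-header scrubbing step (not Zope's code).
# The weak variant only removes "\r\n" pairs, so a lone "\n" survives and a
# client that tolerates bare LF line endings sees an extra header line.
def scrub_header_weak(name: str, value: str) -> tuple[str, str]:
    return name.replace("\r\n", ""), value.replace("\r\n", "")

_CR_OR_LF = re.compile(r"[\r\n]")

# Hardened variant: any CR or LF in the name or value is rejected outright,
# so no control character can reach the wire regardless of how it is paired.
def scrub_header_fixed(name: str, value: str) -> tuple[str, str]:
    if _CR_OR_LF.search(name) or _CR_OR_LF.search(value):
        raise ValueError("CR/LF not allowed in HTTP header name or value")
    return name, value

def serialize_headers(headers) -> str:
    """Write headers the way a server puts them on the wire."""
    return "".join(f"{k}: {v}\r\n" for k, v in headers)

def count_header_lines(wire: str) -> int:
    """Count header lines as a lenient client would parse them.

    Many clients accept a bare LF as a line terminator, which is exactly
    what makes an unscrubbed LF dangerous.
    """
    return len([line for line in re.split(r"\r?\n", wire) if line])

# Constructed tainted input: a header value carrying a bare LF followed by
# what would be parsed as a second, attacker-chosen header line.
TAINTED_VALUE = "text/html\nX-Injected: 1"

def demo(scrub, value: str = TAINTED_VALUE) -> int:
    """Scrub one Content-Type header and return the header-line count a client sees."""
    headers = [scrub("Content-Type", value)]
    return count_header_lines(serialize_headers(headers))

if __name__ == "__main__":
    print("weak scrub, tainted value ->", demo(scrub_header_weak), "header lines")
    try:
        demo(scrub_header_fixed)
    except ValueError as exc:
        print("fixed scrub, tainted value -> rejected:", exc)
    print("fixed scrub, clean value ->", demo(scrub_header_fixed, "text/html"), "header line")
```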
Advisory Timeline
- Published