CVE-2012-4023

EUVD-2012-3967
CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
Affected Products (NVD)
VendorProductVersion
simon_brownpebble
𝑥
≤ 2.6.3
simon_brownpebble
1.0
simon_brownpebble
1.1
simon_brownpebble
1.2
simon_brownpebble
1.3
simon_brownpebble
1.4
simon_brownpebble
1.4:beta1
simon_brownpebble
1.4:beta2
simon_brownpebble
1.4:beta3
simon_brownpebble
1.4.1
simon_brownpebble
1.4.2
simon_brownpebble
1.5
simon_brownpebble
1.5:beta1
simon_brownpebble
1.5:beta2
simon_brownpebble
1.5.1
simon_brownpebble
1.6:beta3
simon_brownpebble
1.7
simon_brownpebble
1.7:beta1
simon_brownpebble
1.7.1
simon_brownpebble
1.7.2
simon_brownpebble
1.8
simon_brownpebble
1.9
simon_brownpebble
2.0
simon_brownpebble
2.0.0:m1
simon_brownpebble
2.0.0:m2
simon_brownpebble
2.0.0:m3
simon_brownpebble
2.0.0:rc1
simon_brownpebble
2.0.0:rc2
simon_brownpebble
2.0.1
simon_brownpebble
2.1
simon_brownpebble
2.1:rc1
simon_brownpebble
2.2
simon_brownpebble
2.3
simon_brownpebble
2.3.1
simon_brownpebble
2.3.2
simon_brownpebble
2.4
simon_brownpebble
2.4:rc2
simon_brownpebble
2.5
simon_brownpebble
2.5:m1
simon_brownpebble
2.5:m2
simon_brownpebble
2.5:rc1
simon_brownpebble
2.5.1
simon_brownpebble
2.5.2
simon_brownpebble
2.5.3
simon_brownpebble
2.6
simon_brownpebble
2.6:m1
simon_brownpebble
2.6.1
simon_brownpebble
2.6.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://jvn.jp/en/jp/JVN39563771/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000099
http://secunia.com/advisories/51102
http://jvn.jp/en/jp/JVN39563771/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000099
http://secunia.com/advisories/51102