CVE-2012-4023

CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
VendorProductVersion
simon_brownpebble
𝑥
≤ 2.6.3
simon_brownpebble
1.0
simon_brownpebble
1.1
simon_brownpebble
1.2
simon_brownpebble
1.3
simon_brownpebble
1.4
simon_brownpebble
1.4:beta1
simon_brownpebble
1.4:beta2
simon_brownpebble
1.4:beta3
simon_brownpebble
1.4.1
simon_brownpebble
1.4.2
simon_brownpebble
1.5
simon_brownpebble
1.5:beta1
simon_brownpebble
1.5:beta2
simon_brownpebble
1.5.1
simon_brownpebble
1.6:beta3
simon_brownpebble
1.7
simon_brownpebble
1.7:beta1
simon_brownpebble
1.7.1
simon_brownpebble
1.7.2
simon_brownpebble
1.8
simon_brownpebble
1.9
simon_brownpebble
2.0
simon_brownpebble
2.0.0:m1
simon_brownpebble
2.0.0:m2
simon_brownpebble
2.0.0:m3
simon_brownpebble
2.0.0:rc1
simon_brownpebble
2.0.0:rc2
simon_brownpebble
2.0.1
simon_brownpebble
2.1
simon_brownpebble
2.1:rc1
simon_brownpebble
2.2
simon_brownpebble
2.3
simon_brownpebble
2.3.1
simon_brownpebble
2.3.2
simon_brownpebble
2.4
simon_brownpebble
2.4:rc2
simon_brownpebble
2.5
simon_brownpebble
2.5:m1
simon_brownpebble
2.5:m2
simon_brownpebble
2.5:rc1
simon_brownpebble
2.5.1
simon_brownpebble
2.5.2
simon_brownpebble
2.5.3
simon_brownpebble
2.6
simon_brownpebble
2.6:m1
simon_brownpebble
2.6.1
simon_brownpebble
2.6.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://jvn.jp/en/jp/JVN39563771/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000099
http://secunia.com/advisories/51102
http://jvn.jp/en/jp/JVN39563771/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000099
http://secunia.com/advisories/51102