HomePentest-Tools.com Logo

Adobe ColdFusion HTTP Response Splitting Vulnerability (APSB12-15) CVE-2012-2041

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Adobe ColdFusion is prone to a response splitting vulnerability.

Risk description

This flaw exists because the application does not validate an unspecified HTTP header before returning it to the user. This can be exploited to insert arbitrary HTTP headers, which will be included in a response sent to the user. Successful exploitation will allow attackers to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.

Recommendation

Apply the patch from the referenced advisory.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 13, 2012
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available