HomePentest-Tools.com Logo

Adobe ColdFusion HTTP Response Splitting Vulnerability (APSB12-15) CVE-2012-2041

Not available
CVSSv3 Score
Not available
Vulnerability description

Adobe ColdFusion is prone to a response splitting vulnerability.

Risk description

This flaw exists because the application does not validate an unspecified HTTP header before returning it to the user. This can be exploited to insert arbitrary HTTP headers, which will be included in a response sent to the user. Successful exploitation will allow attackers to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.


Apply the patch from the referenced advisory.

Not available
Detectable with
Network Scanner
Scan engine
Exploitable with Sniper
CVE Published
Jun 13, 2012
Detection added at
Software Type
Not available
Not available
Not available