CVE-2012-2751 — MEDIUM (4.3)

Q: How severe is CVE-2012-2751?

CVE-2012-2751 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2012-2751?

Check the references section above for vendor advisories and patch information. Affected products include: Trustwave Modsecurity, Opensuse Opensuse, Debian Debian Linux, Oracle Http Server.

Vulnerability Description

ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-5031.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Trustwave	Modsecurity	< 2.6.6
Opensuse	Opensuse	11.4
Debian	Debian Linux	6.0
Oracle	Http Server	11.1.1.6.0

References

http://blog.ivanristic.com/2012/06/modsecurity-and-modsecurity-core-rule-set-mulThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.htmlMailing ListThird Party Advisory
http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.6.x/CHBroken Link
http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/CHANGES?r1=Broken Link
http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/mscBroken Link
http://secunia.com/advisories/49576Third Party Advisory
http://secunia.com/advisories/49782Third Party Advisory
http://www.debian.org/security/2012/dsa-2506Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2012:118Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/06/22/1Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2012/06/22/2Mailing ListThird Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.htmlThird Party Advisory

FAQ

What is CVE-2012-2751?

CVE-2012-2751 is a vulnerability with a CVSS score of 4.3 (MEDIUM). ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/fo...

How severe is CVE-2012-2751?

CVE-2012-2751 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-2751?

Check the references section above for vendor advisories and patch information. Affected products include: Trustwave Modsecurity, Opensuse Opensuse, Debian Debian Linux, Oracle Http Server.