Your submission was sent successfully! Close

CVE-2012-4528

Published: 28 December 2012

The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.

Priority

Medium

Status

Package Release Status
modsecurity-apache
Launchpad, Ubuntu, Debian
artful Not vulnerable
(2.7.7-2)
hardy Does not exist

lucid Does not exist

natty Does not exist

oneiric Ignored
(reached end-of-life)
precise Does not exist
(precise was needed)
quantal Ignored
(reached end-of-life)
raring Ignored
(reached end-of-life)
saucy Not vulnerable
(2.7.4-1)
trusty Not vulnerable
(2.7.7-2)
upstream
Released (2.7.0)
utopic Not vulnerable
(2.7.7-2)
vivid Does not exist

wily Not vulnerable
(2.7.7-2)
xenial Not vulnerable
(2.7.7-2)
yakkety Not vulnerable
(2.7.7-2)
zesty Not vulnerable
(2.7.7-2)