Back to search
CVE-2012-4528
Published: Dec 28, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
openSUSE-SU-2013:1342
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:1331
vendor-advisory
x_refsource_SUSE
20121017 SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass
mailing-list
x_refsource_FULLDISC
FEDORA-2012-18278
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2013:1336
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now