CVE-2012-2041
Adobe ColdFusion 8.0-9.0.1 - HTTP Response Splitting via Component Browser
Title source: llmDescription
CRLF injection vulnerability in the Component Browser in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb12-15.html
Scores
EPSS
0.0186
EPSS Percentile
76.7%
Details
CWE
CWE-94
Status
published
Products (3)
adobe/coldfusion
8.0
adobe/coldfusion
8.0.1
adobe/coldfusion
9.0
Published
Jun 13, 2012
Tracked Since
Feb 18, 2026