CVE-2012-5057

ownCloud Server <4.0.8 - Code Injection

Title source: llm

Description

CRLF injection vulnerability in ownCloud Server before 4.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the url path parameter.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

http://owncloud.org/about/security/advisories/CVE-2012-5057/

Scores

EPSS 0.0034

EPSS Percentile 57.2%

Details

Status published

Products (8)

owncloud/owncloud < 4.0.7

owncloud/owncloud_server 4.0.0

owncloud/owncloud_server 4.0.1

owncloud/owncloud_server 4.0.2

owncloud/owncloud_server 4.0.3

owncloud/owncloud_server 4.0.4

owncloud/owncloud_server 4.0.5

owncloud/owncloud_server 4.0.6

Published Jun 04, 2014

Tracked Since Feb 18, 2026