CVE-2012-5057

ownCloud Server <4.0.8 - Code Injection

Title source: llm
STIX 2.1

Description

CRLF injection vulnerability in ownCloud Server before 4.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the url path parameter.

References (1)

Core 1
Core References

Scores

EPSS 0.0102
EPSS Percentile 59.5%

Details

Status published
Products (8)
owncloud/owncloud < 4.0.7
owncloud/owncloud_server 4.0.0
owncloud/owncloud_server 4.0.1
owncloud/owncloud_server 4.0.2
owncloud/owncloud_server 4.0.3
owncloud/owncloud_server 4.0.4
owncloud/owncloud_server 4.0.5
owncloud/owncloud_server 4.0.6
Published Jun 04, 2014
Tracked Since Feb 18, 2026