CVE-2009-5031

NONE
Published Jul 22, 2012 13y ago
Last Modified Jun 16, 2026 2w ago

Description

ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks via a single quote in a request parameter in the Content-Disposition field of a request with a multipart/form-data Content-Type header.

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 4

Vendor      Product       Version   Range
trustwave   modsecurity   *         <2.5.11
opensuse    opensuse      11.4      any
opensuse    opensuse      12.2      any
opensuse    opensuse      12.3      any

References 11

  • blog.ivanristic.com http://blog.ivanristic.com/2012/06/modsecurity-and-modsecurity-core-rule-set-multipart-bypasses.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
    Mailing List, Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
    Mailing List, Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
    Mailing List, Third Party Advisory
  • mod-security.svn.sourceforge.net http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.6.x/CHANGES
    Broken Link
  • secunia.com http://secunia.com/advisories/49576
    Third Party Advisory
  • openwall.com http://www.openwall.com/lists/oss-security/2012/06/22/1
    Mailing List, Third Party Advisory
  • openwall.com http://www.openwall.com/lists/oss-security/2012/06/22/2
    Mailing List, Third Party Advisory
  • securityfocus.com http://www.securityfocus.com/bid/54156
    Third Party Advisory, VDB Entry
  • suspekt.org http://www.suspekt.org/downloads/POC2009-ShockingNewsInPHPExploitation.pdf
    Third Party Advisory
  • modsecurity.org https://www.modsecurity.org/fisheye/browse/modsecurity/m2/branches/2.5.x/apache2/msc_multipart.c?r2=1419&r1=1366
    Broken Link

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.