CVE-2012-2751

NONE
Published Jul 22, 2012 (13y ago)
Last Modified Jun 16, 2026 (2w ago)

Description

ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-5031.

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
No Patch Available

Affected Products 7

Vendor     Product       Version     Range
trustwave  modsecurity   *           <2.6.6
opensuse   opensuse      11.4        any
opensuse   opensuse      12.2        any
opensuse   opensuse      12.3        any
debian     debian_linux  6.0         any
debian     debian_linux  7.0         any
oracle     http_server   11.1.1.6.0  any

References 16

  • blog.ivanristic.com http://blog.ivanristic.com/2012/06/modsecurity-and-modsecurity-core-rule-set-multipart-bypasses.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
    Mailing List, Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
    Mailing List, Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
    Mailing List, Third Party Advisory
  • mod-security.svn.sourceforge.net http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.6.x/CHANGES
    Broken Link
  • mod-security.svn.sourceforge.net http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/CHANGES?r1=1920&r2=1919&pathrev=1920
    Broken Link
  • mod-security.svn.sourceforge.net http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?r1=1918&r2=1917&pathrev=1918
    Broken Link
  • secunia.com http://secunia.com/advisories/49576
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/49782
    Third Party Advisory
  • debian.org http://www.debian.org/security/2012/dsa-2506
    Third Party Advisory
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2012:118
    Third Party Advisory
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
    Third Party Advisory
  • openwall.com http://www.openwall.com/lists/oss-security/2012/06/22/1
    Mailing List, Third Party Advisory
  • openwall.com http://www.openwall.com/lists/oss-security/2012/06/22/2
    Mailing List, Third Party Advisory
  • oracle.com http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
    Third Party Advisory
  • securityfocus.com http://www.securityfocus.com/bid/54156
    Third Party Advisory, VDB Entry

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.