Search for vulnerabilities
Vulnerability details: VCID-marp-9ycj-4kfh
Vulnerability ID VCID-marp-9ycj-4kfh
Aliases CVE-2012-0053
Summary A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose "httpOnly" cookies when no custom ErrorDocument is specified.
Status Published
Exploitability 2.0
Weighted Severity 4.8
Risk 9.6
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.74639 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
epss 0.82458 https://api.first.org/data/v1/epss?cve=CVE-2012-0053
apache_httpd moderate https://httpd.apache.org/security/json/CVE-2012-0053.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json
https://api.first.org/data/v1/epss?cve=CVE-2012-0053
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
785069 https://bugzilla.redhat.com/show_bug.cgi?id=785069
CVE-2012-0053 https://httpd.apache.org/security/json/CVE-2012-0053.json
CVE-2012-0053;OSVDB-78556 Exploit https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08
CVE-2012-0053;OSVDB-78556 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html
RHSA-2012:0128 https://access.redhat.com/errata/RHSA-2012:0128
RHSA-2012:0323 https://access.redhat.com/errata/RHSA-2012:0323
RHSA-2012:0542 https://access.redhat.com/errata/RHSA-2012:0542
RHSA-2012:0543 https://access.redhat.com/errata/RHSA-2012:0543
USN-1368-1 https://usn.ubuntu.com/1368-1/
Data source Exploit-DB
Date added Jan. 31, 2012
Description Apache - httpOnly Cookie Disclosure
Ransomware campaign use Known
Source publication date Jan. 31, 2012
Exploit type remote
Platform multiple
Source update date Jan. 31, 2012
Source URL https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08
Exploit Prediction Scoring System (EPSS)
Percentile 0.98797
EPSS Score 0.74639
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:28:56.017292+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2012-0053.json 37.0.0