Search for vulnerabilities
Vulnerability details: VCID-n958-rf3k-aaan
Vulnerability ID VCID-n958-rf3k-aaan
Aliases CVE-2012-2687
Summary Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
System Score Found at
generic_textual Medium http://httpd.apache.org/security/vulnerabilities_24.html
generic_textual MODERATE http://marc.info/?l=bugtraq&m=136612293908376&w=2
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2012-1591.html
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2012-1592.html
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2012-1594.html
rhas Important https://access.redhat.com/errata/RHSA-2012:1591
rhas Important https://access.redhat.com/errata/RHSA-2012:1592
rhas Important https://access.redhat.com/errata/RHSA-2012:1594
rhas Low https://access.redhat.com/errata/RHSA-2013:0130
rhas Low https://access.redhat.com/errata/RHSA-2013:0512
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00678 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00678 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00678 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00678 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00678 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00678 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00678 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00678 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00678 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00678 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.00678 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05337 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05426 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05567 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05567 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05567 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.05567 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.06056 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.06056 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.06056 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07325 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07325 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07325 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07325 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07325 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07325 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07325 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07325 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07325 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07914 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07914 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.07914 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
epss 0.09626 https://api.first.org/data/v1/epss?cve=CVE-2012-2687
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=850794
generic_textual MODERATE http://secunia.com/advisories/51607
apache_httpd low https://httpd.apache.org/security/json/CVE-2012-2687.json
cvssv2 2.6 https://nvd.nist.gov/vuln/detail/CVE-2012-2687
Reference id Reference type URL
http://httpd.apache.org/security/vulnerabilities_24.html
http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html
http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html
http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html
http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E
http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30@apache.org%3E
http://marc.info/?l=bugtraq&m=136612293908376&w=2
http://rhn.redhat.com/errata/RHSA-2012-1591.html
http://rhn.redhat.com/errata/RHSA-2012-1592.html
http://rhn.redhat.com/errata/RHSA-2012-1594.html
http://rhn.redhat.com/errata/RHSA-2013-0130.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2687.json
https://api.first.org/data/v1/epss?cve=CVE-2012-2687
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687
http://secunia.com/advisories/50894
http://secunia.com/advisories/51607
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539
http://support.apple.com/kb/HT5880
http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f
http://www.apache.org/dist/httpd/CHANGES_2.4.3
http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
http://www.securityfocus.com/bid/55131
http://www.ubuntu.com/usn/USN-1627-1
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
850794 https://bugzilla.redhat.com/show_bug.cgi?id=850794
cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
CVE-2012-2687 https://httpd.apache.org/security/json/CVE-2012-2687.json
CVE-2012-2687 https://nvd.nist.gov/vuln/detail/CVE-2012-2687
RHSA-2012:1591 https://access.redhat.com/errata/RHSA-2012:1591
RHSA-2012:1592 https://access.redhat.com/errata/RHSA-2012:1592
RHSA-2012:1594 https://access.redhat.com/errata/RHSA-2012:1594
RHSA-2013:0130 https://access.redhat.com/errata/RHSA-2013:0130
RHSA-2013:0512 https://access.redhat.com/errata/RHSA-2013:0512
USN-1627-1 https://usn.ubuntu.com/1627-1/
No exploits are available.
Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2012-2687
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.72788
EPSS Score 0.00384
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.