VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 21, 2012· Updated Apr 29, 2026

CVE-2012-3301

CVE-2012-3301

Description

Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input involving (1) Mozilla Firefox 3.0.9 and earlier or (2) unspecified browsers.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16
  • IBM/Lotus Domino16 versions
    cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*+ 15 more
    • cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*
    • (no CPE)range: <8.5.4

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.