Vulnerabilities

CVE-2012-4528

by Fred · 28/12/2012

The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.

Date published : 2012-12-28

http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.7.x/CHANGES

http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?sortby=date&r1=2081&r2=2080&pathrev=2081

Similar

Tags: Cybersecurity Alert