CRLF Injection Vulnerabilities in IBM Lotus Domino 8.5.x

CRLF Injection Vulnerabilities in IBM Lotus Domino 8.5.x

CVE-2012-3301 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input involving (1) Mozilla Firefox 3.0.9 and earlier or (2) unspecified browsers.

Learn more about our Cis Benchmark Audit For Ibm I.