CVE-2012-4528
EPSS 11.5%
Description
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
How to fix CVE-2012-4528
To remediate CVE-2012-4528, upgrade the affected package to a fixed version below.
- Debian/modsecurity-apache—upgrade to 2.6.6-5 or later
Is CVE-2012-4528 being exploited?
Moderate — EPSS is 11.5%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.6.6-5