#VU77628 Input validation error in HttpComponents Client - CVE-2012-6153

Cybersecurity Help s.r.o.

Published: 2023-06-22

Vulnerability identifier: #VU77628

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-6153

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
HttpComponents Client
Universal components / Libraries / Software for developers

Vendor: Apache Foundation

Description

The vulnerability allows a remote attacker to modify files on the system.

The vulnerability exists due to Apache Commons HttpClient does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. A remote attacker can pass specially crafted input to the application and modify files on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

HttpComponents Client: before 4.2.3

External links
https://rhn.redhat.com/errata/RHSA-2014-1098.html
https://rhn.redhat.com/errata/RHSA-2014-1833.html
https://rhn.redhat.com/errata/RHSA-2014-1834.html
https://rhn.redhat.com/errata/RHSA-2014-1835.html
https://rhn.redhat.com/errata/RHSA-2014-1836.html
https://rhn.redhat.com/errata/RHSA-2014-1891.html
https://rhn.redhat.com/errata/RHSA-2014-1892.html
https://rhn.redhat.com/errata/RHSA-2015-0125.html
https://rhn.redhat.com/errata/RHSA-2015-0158.html
https://rhn.redhat.com/errata/RHSA-2015-0675.html
https://rhn.redhat.com/errata/RHSA-2015-0720.html
https://rhn.redhat.com/errata/RHSA-2015-0765.html
https://rhn.redhat.com/errata/RHSA-2015-0850.html
https://rhn.redhat.com/errata/RHSA-2015-0851.html
https://rhn.redhat.com/errata/RHSA-2015-1888.html
https://svn.apache.org/viewvc?view=revision&revision=1411705
https://www.securityfocus.com/bid/69257
https://www.ubuntu.com/usn/USN-2769-1
https://access.redhat.com/solutions/1165533
https://bugzilla.redhat.com/show_bug.cgi?id=1129916
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Rational Asset Manager

Multiple vulnerabilities in IBM Application Performance Management

Multiple vulnerabilities in Dell NetWorker

Multiple vulnerabilities in IBM Engineering Systems Design Rhapsody

Multiple vulnerabilities in IBM Tivoli Application Dependency Discovery Manager

Multiple vulnerabilities in IBM B2B Advanced Communications and IBM Multi-Enterprise Integration Gateway

Multiple vulnerabilities in IBM Cloud Pak for Security (CP4S)

Multiple vulnerabilities in IBM Storage Protect Client, IBM Storage Protect for Virtual Environments, and IBM Storage Protect for Space Management

Multiple vulnerabilities in IBM Tivoli Monitoring

Multiple vulnerabilities in IBM Control Desk