Improper Content-Type Handling in Parallels Plesk Small Business Panel
CVE-2011-4762

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Plesk Small Business Panel
Vendor: CVE Published:; 16 December 2011

What is CVE-2011-4762?

The Parallels Plesk Small Business Panel version 10.2.0 contains a flaw related to the incorrect handling of Content-Type headers for specific resources. This misconfiguration could allow remote attackers to exploit an interpretation conflict via paths like smb/app/top-categories-data/. Consequently, this could lead to unpredictable behavior or exploitation of the affected resources, potentially impacting client systems rather than the SmarterStats product itself.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/72214

vdb-entryx_refsource_XF

http://xss.cx/examples/plesk-reports/plesk-10.2.0.html

x_refsource_MISC

Timeline

Vulnerability published
Dec 16, 2011
Vulnerability Reserved
Dec 11, 2011