PT-2007-6108 · Apache+1 · Apache Http Server+1

Publicado

2007-12-11

Atualizado

2024-06-15

CVE-2007-5000

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 1.3.0 through 1.3.39 Apache HTTP Server versions 2.0.35 through 2.0.61 Apache HTTP Server versions 2.2.0 through 2.2.6

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This affects the mod imap and mod imagemap modules in the Apache HTTP Server.

Recommendations For versions 1.3.0 through 1.3.39, consider disabling the mod imap module until a patch is available. For versions 2.0.35 through 2.0.61, consider disabling the mod imap module until a patch is available. For versions 2.2.0 through 2.2.6, consider disabling the mod imagemap module until a patch is available.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2007-5000

HPSBUX02308

OPENSUSE-SU-2024:10623-1

RHSA-2008:0004

RHSA-2008:0005

RHSA-2008:0006

RHSA-2008:0007

RHSA-2008:0008

RHSA-2008:0009

RHSA-2008:0261

RHSA-2008:0263

RHSA-2008:0523

RHSA-2008:0524

RHSA-2008_0006

RHSA-2008_0008

RHSA-2010:0602

Produtos afetados

Apache Http Server

Red Hat

PT-2007-6108 · Apache+1 · Apache Http Server+1

CVE-2007-5000

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 148