4.3

CVE-2006-5752

Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheHTTP Server Version >= 1.3.2 < 1.3.39
ApacheHTTP Server Version >= 2.0.0 < 2.0.61
ApacheHTTP Server Version >= 2.2.0 < 2.2.6
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version6.10
CanonicalUbuntu Linux Version7.04
FedoraprojectFedora Version7
RedhatEnterprise Linux Eus Version4.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 27.78% 0.978
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
http://www.redhat.com/support/errata/RHSA-2008-0261.html
Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
Third Party Advisory
http://secunia.com/advisories/27037
Not Applicable
http://www.vupen.com/english/advisories/2007/3386
Permissions Required
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
Third Party Advisory
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
http://bugs.gentoo.org/show_bug.cgi?id=186219
Third Party Advisory
Issue Tracking
http://httpd.apache.org/security/vulnerabilities_22.html
Vendor Advisory
http://secunia.com/advisories/26273
Not Applicable
http://secunia.com/advisories/26842
Not Applicable
http://secunia.com/advisories/27563
Not Applicable
http://security.gentoo.org/glsa/glsa-200711-06.xml
Third Party Advisory
http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
Third Party Advisory
Mailing List
http://www.vupen.com/english/advisories/2007/2727
Permissions Required
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
http://httpd.apache.org/security/vulnerabilities_13.html
Vendor Advisory
http://httpd.apache.org/security/vulnerabilities_20.html
Vendor Advisory
http://lists.vmware.com/pipermail/security-announce/2009/000062.html
Third Party Advisory
Mailing List
http://rhn.redhat.com/errata/RHSA-2007-0556.html
Third Party Advisory
http://secunia.com/advisories/25827
Not Applicable
http://secunia.com/advisories/25830
Not Applicable
http://secunia.com/advisories/25920
Not Applicable
http://secunia.com/advisories/26443
Not Applicable
http://secunia.com/advisories/26508
Not Applicable
http://secunia.com/advisories/26822
Not Applicable
http://secunia.com/advisories/26993
Not Applicable
http://secunia.com/advisories/27732
Not Applicable
http://secunia.com/advisories/28212
Not Applicable
http://secunia.com/advisories/28224
Not Applicable
http://secunia.com/advisories/28606
Not Applicable
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm
Third Party Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702
Third Party Advisory
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:140
Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2007:142
Broken Link
http://www.novell.com/linux/security/advisories/2007_61_apache2.html
Broken Link
http://www.redhat.com/support/errata/RHSA-2007-0557.html
Third Party Advisory
http://www.securityfocus.com/archive/1/505990/100/0/threaded
Third Party Advisory
VDB Entry
http://www.trustix.org/errata/2007/0026/
Broken Link
http://www.ubuntu.com/usn/usn-499-1
Third Party Advisory
http://www.vupen.com/english/advisories/2007/3283
Permissions Required
http://www.vupen.com/english/advisories/2007/4305
Permissions Required
http://www.vupen.com/english/advisories/2008/0233
Permissions Required
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112
Third Party Advisory
Issue Tracking
http://osvdb.org/37052
Broken Link
http://rhn.redhat.com/errata/RHSA-2007-0534.html
Third Party Advisory
http://secunia.com/advisories/25873
Not Applicable
http://secunia.com/advisories/26458
Not Applicable
http://svn.apache.org/viewvc?view=rev&revision=549159
Vendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:141
Broken Link
http://www.redhat.com/support/errata/RHSA-2007-0532.html
Third Party Advisory
http://www.securityfocus.com/bid/24645
Patch
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018302
Third Party Advisory
Broken Link
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/35097
Third Party Advisory
VDB Entry
https://issues.rpath.com/browse/RPL-1500
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154
Third Party Advisory
https://rhn.redhat.com/errata/RHSA-2007-0533.html
Third Party Advisory