CVE-2012-3499 in Oracle HTTP Serverinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.

Reservation

06/14/2012

Disclosure

02/26/2013

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
11821	Oracle HTTP Server Web Listener cross site scripting	79	Not defined	Official fix	CVE-2012-3499
7810	IBM HTTP Server mod_info cross site scripting	79	Not defined	Official fix	CVE-2012-3499

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!