CVE-2006-5752 in Oracle HTTP Serverinfo

Zusammenfassung (Englisch)

Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.

Reservieren

06.11.2006

Veröffentlichung

27.06.2007

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
9599	Oracle HTTP Server Web Listener Cross Site Scripting	80	High	Offizieller Fix	CVE-2006-5752
3263	IBM HTTP Server mod_status Cross-Site Scripting	80	High	Offizieller Fix	CVE-2006-5752

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

◂ ZurückÜbersichtWeiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!