CVE-2002-0840 in HTTP Serverinformation

Résumé

par MITRE

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgation

11/10/2002

Modérer

accepté

Entrée

VDB-19051

CPE

prêt

CWE

CWE-80 (confirmé)

Exploitation

Télécharger

CVSS

6.8 (NVD)

EPSS

0.94006

KEV

non

Activités

très faible

Secteur

Telecommunication, Energy, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-0840
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0840
CVE Details	https://www.cvedetails.com/cve/CVE-2002-0840/

◂ Précédent Aperçu Suivant ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!