CVE-2002-0840 in HTTP Serverthông tin

Tóm tắt

Bởi MITRE

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Tiết lộ

11/10/2002

Kiểm duyệt

được chấp nhận

mục

VDB-19051

CPE

sẵn sàng

CWE

CWE-80 (Đã xác nhận)

Khai thác

Tải xuống

CVSS

6.8 (NVD)

EPSS

0.94006

KEV

không

Các hoạt động

rất thấp

ngành

Pharma, Hospital, ...

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-0840
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0840
CVE Details	https://www.cvedetails.com/cve/CVE-2002-0840/

◂ Trước Tổng Quan Tiếp theo ▸

Interested in the pricing of exploits?

See the underground prices here!