CVE-2006-5752
5.6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.078 Low
EPSS
Percentile
94.2%
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform “charset detection” when the content-type is not specified.
References
bugs.gentoo.org/show_bug.cgi?id=186219
bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
httpd.apache.org/security/vulnerabilities_13.html
httpd.apache.org/security/vulnerabilities_20.html
httpd.apache.org/security/vulnerabilities_22.html
lists.vmware.com/pipermail/security-announce/2009/000062.html
osvdb.org/37052
rhn.redhat.com/errata/RHSA-2007-0534.html
rhn.redhat.com/errata/RHSA-2007-0556.html
secunia.com/advisories/25827
secunia.com/advisories/25830
secunia.com/advisories/25873
secunia.com/advisories/25920
secunia.com/advisories/26273
secunia.com/advisories/26443
secunia.com/advisories/26458
secunia.com/advisories/26508
secunia.com/advisories/26822
secunia.com/advisories/26842
secunia.com/advisories/26993
secunia.com/advisories/27037
secunia.com/advisories/27563
secunia.com/advisories/27732
secunia.com/advisories/28212
secunia.com/advisories/28224
secunia.com/advisories/28606
security.gentoo.org/glsa/glsa-200711-06.xml
sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1
sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1
support.avaya.com/elmodocs2/security/ASA-2007-353.htm
svn.apache.org/viewvc?view=rev&revision=549159
www-1.ibm.com/support/docview.wss?uid=swg1PK52702
www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only
www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html
www.mandriva.com/security/advisories?name=MDKSA-2007:140
www.mandriva.com/security/advisories?name=MDKSA-2007:141
www.mandriva.com/security/advisories?name=MDKSA-2007:142
www.novell.com/linux/security/advisories/2007_61_apache2.html
www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
www.redhat.com/support/errata/RHSA-2007-0532.html
www.redhat.com/support/errata/RHSA-2007-0557.html
www.redhat.com/support/errata/RHSA-2008-0261.html
www.securityfocus.com/archive/1/505990/100/0/threaded
www.securityfocus.com/bid/24645
www.securitytracker.com/id?1018302
www.trustix.org/errata/2007/0026/
www.ubuntu.com/usn/usn-499-1
www.vupen.com/english/advisories/2007/2727
www.vupen.com/english/advisories/2007/3283
www.vupen.com/english/advisories/2007/3386
www.vupen.com/english/advisories/2007/4305
www.vupen.com/english/advisories/2008/0233
exchange.xforce.ibmcloud.com/vulnerabilities/35097
issues.rpath.com/browse/RPL-1500
lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154
rhn.redhat.com/errata/RHSA-2007-0533.html
Social References
More
Related
5.6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.078 Low
EPSS
Percentile
94.2%