Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-5944
HistoryNov 14, 2007 - 1:46 a.m.

CVE-2007-5944

2007-11-1401:46:00
CWE-79
[email protected]
web.nvd.nist.gov
29
cve-2007-5944
ibm websphere
xss
cross-site scripting
vulnerability
servlet engine
web container
nvd

5.2 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

71.6%

JSON

Cross-site scripting (XSS) vulnerability in Servlet Engine / Web Container in IBM WebSphere Application Server (WAS) 5.1.1.4 through 5.1.1.16 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. NOTE: this might be the same issue as CVE-2006-3918, but there are insufficient details to be sure.

Related

prion 2
nessus 12
f5 2
httpd 1
ubuntucve 2
debiancve 2
oraclelinux 1
redhat 2
checkpoint_advisories 1
packetstorm 2
centos 3
cve 2
exploitpack 1
osv 1
seebug 1
openvas 13
debian 1
exploitdb 1
suse 2
ubuntu 1
prion
prion
Cross site scripting
2007-11-14 01:46:00
Cross site scripting
2007-12-03 22:46:00
nessus
nessus
Web Server Expect Header XSS
2006-08-23 00:00:00
RHEL 3 / 4 : httpd (RHSA-2006:0619)
2006-08-14 00:00:00
CentOS 3 / 4 : httpd (CESA-2006:0619)
2006-08-14 00:00:00
f5
f5
K6669 : Apache HTTP Expect header handling
2013-03-19 00:00:00
SOL6669 - Apache HTTP Expect header handling
2007-05-16 00:00:00
httpd
httpd
Apache Httpd < 1.3.35 : Expect header Cross-Site Scripting
2006-05-01 00:00:00
ubuntucve
ubuntucve
CVE-2006-3918
2006-07-27 00:00:00
CVE-2007-6203
2007-12-03 00:00:00
debiancve
debiancve
CVE-2006-3918
2006-07-28 00:04:00
CVE-2007-6203
2007-12-03 22:46:00
oraclelinux
oraclelinux
Moderate httpd security update
2006-11-30 00:00:00
redhat
redhat
(RHSA-2006:0619) httpd security update
2006-08-10 00:00:00
(RHSA-2006:0618) apache security update
2006-08-08 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache HTTP Server Header Injection Cross-Site Scripting (CVE-2006-3918)
2014-03-17 00:00:00
packetstorm
packetstorm
ProCheckUp Security Advisory 2007.37
2007-12-02 00:00:00
Oracle HTTP Server Header Cross Site Scripting
2011-06-14 00:00:00
centos
centos
httpd, mod_ssl security update
2006-08-24 16:29:11
apache security update
2006-08-08 23:33:33
httpd, mod_ssl security update
2006-08-10 22:42:31
cve
cve
CVE-2006-3918
2006-07-28 00:04:00
CVE-2007-6203
2007-12-03 22:46:00
exploitpack
exploitpack
Oracle HTTP Server - Cross-Site Scripting Header Injection
2011-06-13 00:00:00
osv
osv
apache - missing input sanitising
2006-09-04 00:00:00
seebug
seebug
Oracle HTTP Server - XSS Header Injection
2014-07-01 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1167-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1167-1 (apache)
2008-01-17 00:00:00
SLES9: Security update for apache2,apache2-prefork,apache2-worker
2009-10-10 00:00:00
debian
debian
[SECURITY] [DSA 1167-1] New apache packages fix several vulnerabilities
2006-09-04 15:08:06
exploitdb
exploitdb
Oracle HTTP Server - Cross-Site Scripting Header Injection
2011-06-13 00:00:00
suse
suse
cryptographic problems in apache2
2006-09-08 14:34:17
cross site scripting in apache2,apache
2008-04-04 16:29:16
ubuntu
ubuntu
Apache vulnerabilities
2008-02-04 00:00:00

5.2 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

71.6%

JSON
Related for CVE-2007-5944
prion2nessus12f52httpd1ubuntucve2debiancve2oraclelinux1redhat2checkpoint_advisories1packetstorm2centos3cve2exploitpack1osv1seebug1openvas13debian1exploitdb1suse2ubuntu1