Lucene search

K
freebsdFreeBSD9C88D8A8-8372-11E2-A010-20CF30E32F6D
HistoryOct 07, 2012 - 12:00 a.m.

apache22 -- several vulnerabilities

2012-10-0700:00:00
vuxml.freebsd.org
20

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.218 Low

EPSS

Percentile

96.5%

Apache HTTP SERVER PROJECT reports:

low: XSS due to unescaped hostnames CVE-2012-3499
Various XSS flaws due to unescaped hostnames and URIs HTML output in
mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.
moderate: XSS in mod_proxy_balancer CVE-2012-4558
A XSS flaw affected the mod_proxy_balancer manager interface.

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.218 Low

EPSS

Percentile

96.5%