Lucene search

K
httpdApache Team FoundationHTTPD:4552C39F6C7671DAFFFFF7180F10B92D
HistoryOct 23, 2007 - 12:00 a.m.

Apache Httpd < 1.3.41 : mod_imagemap XSS

2007-10-2300:00:00
Apache Team Foundation
httpd.apache.org
13

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.604

Percentile

97.9%

A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible.

Affected configurations

Vulners
Node
apacheapache_httpdMatch1.3.39
OR
apacheapache_httpdMatch1.3.37
OR
apacheapache_httpdMatch1.3.36
OR
apacheapache_httpdMatch1.3.35
OR
apacheapache_httpdMatch1.3.34
OR
apacheapache_httpdMatch1.3.33
OR
apacheapache_httpdMatch1.3.32
OR
apacheapache_httpdMatch1.3.31
OR
apacheapache_httpdMatch1.3.29
OR
apacheapache_httpdMatch1.3.28
OR
apacheapache_httpdMatch1.3.27
OR
apacheapache_httpdMatch1.3.26
OR
apacheapache_httpdMatch1.3.24
OR
apacheapache_httpdMatch1.3.22
OR
apacheapache_httpdMatch1.3.20
OR
apacheapache_httpdMatch1.3.19
OR
apacheapache_httpdMatch1.3.17
OR
apacheapache_httpdMatch1.3.14
OR
apacheapache_httpdMatch1.3.12
OR
apacheapache_httpdMatch1.3.11
OR
apacheapache_httpdMatch1.3.9
OR
apacheapache_httpdMatch1.3.6
OR
apacheapache_httpdMatch1.3.4
OR
apacheapache_httpdMatch1.3.3
OR
apacheapache_httpdMatch1.3.2
OR
apacheapache_httpdMatch1.3.1
OR
apacheapache_httpdMatch1.3.0
VendorProductVersionCPE
apacheapache_httpd1.3.39cpe:2.3:a:apache:apache_httpd:1.3.39:*:*:*:*:*:*:*
apacheapache_httpd1.3.37cpe:2.3:a:apache:apache_httpd:1.3.37:*:*:*:*:*:*:*
apacheapache_httpd1.3.36cpe:2.3:a:apache:apache_httpd:1.3.36:*:*:*:*:*:*:*
apacheapache_httpd1.3.35cpe:2.3:a:apache:apache_httpd:1.3.35:*:*:*:*:*:*:*
apacheapache_httpd1.3.34cpe:2.3:a:apache:apache_httpd:1.3.34:*:*:*:*:*:*:*
apacheapache_httpd1.3.33cpe:2.3:a:apache:apache_httpd:1.3.33:*:*:*:*:*:*:*
apacheapache_httpd1.3.32cpe:2.3:a:apache:apache_httpd:1.3.32:*:*:*:*:*:*:*
apacheapache_httpd1.3.31cpe:2.3:a:apache:apache_httpd:1.3.31:*:*:*:*:*:*:*
apacheapache_httpd1.3.29cpe:2.3:a:apache:apache_httpd:1.3.29:*:*:*:*:*:*:*
apacheapache_httpd1.3.28cpe:2.3:a:apache:apache_httpd:1.3.28:*:*:*:*:*:*:*
Rows per page:
1-10 of 271

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.604

Percentile

97.9%