The Apache HTTP Server is open source web server software. The Apache HTTP Server modules mod_imap and mod_imagemap provide server-side imagemap processing capability.
The Apache HTTP Server modules mod_imap and mod_imagemap are vulnerable to cross-site scripting.

Impact

An arbitrary script can be executed on the user’s web browser.

Solution

Apply the Patch
Apply the appropriate patches according to the information provided by the vendors.\n\n

Products Affected

Apache HTTP Server 2.2.6 and earlier
Apache HTTP Server 2.0.61 and earlier
Apache HTTP Server 1.3.39 and earlier
For details, see the information provided by the vendors.

veracode 1

cve 1

httpd 3

checkpoint_advisories 2

f5 2

seebug 1

prion 1

ubuntucve 1

debiancve 1

nessus 40

securityvulns 4

openvas 71

slackware 3

redhat 8

centos 4

oraclelinux 3

altlinux 3

fedora 2

suse 1

vmware 2

ubuntu 1

oracle 1

veracode

Cross-Site Scripting (XSS)

2020-04-10 00:19:34

cve

CVE-2007-5000

2007-12-13 18:46:00

httpd

Apache Httpd < 2.0.63 : mod_imagemap XSS

2007-10-23 00:00:00

Apache Httpd < 2.2.8 : mod_imagemap XSS

2007-10-23 00:00:00

Apache Httpd < 1.3.41 : mod_imagemap XSS

2007-10-23 00:00:00

checkpoint_advisories

Preemptive Protection against Apache mod_imap and mod_imagemap Module Cross-Site Scripting Vulnerability

2008-01-08 00:00:00

Apache mod_imap and mod_imagemap Module Cross-Site Scripting (CVE-2007-5000)

2009-10-21 00:00:00

SOL8186 - Cross-site scripting vulnerability in Apache mod_imap CVE-2007-5000

2007-12-27 00:00:00

K8186 : Cross-site scripting vulnerability in Apache mod_imap CVE-2007-5000

2013-03-19 00:00:00

seebug

Apache mod_imagemap和mod_imap模块跨站脚本漏洞

2008-01-11 00:00:00

prion

Cross site scripting

2007-12-13 18:46:00

ubuntucve

CVE-2007-5000

2007-12-13 00:00:00

debiancve

CVE-2007-5000

2007-12-13 18:46:00

nessus

F5 Networks BIG-IP : XSS vulnerability in Apache mod_imap (SOL8186)

2014-10-10 00:00:00

Slackware 12.0 / 12.1 / current : httpd (SSA:2008-210-02)

2008-07-29 00:00:00

Slackware 10.0 / 10.1 / 10.2 / 11.0 / 8.1 / 9.0 / 9.1 : apache (SSA:2008-045-02)

2008-02-18 00:00:00

securityvulns

HP OpenView Network Node Manager crossite scripting

2008-11-21 00:00:00

[security bulletin] HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)

2008-11-21 00:00:00

About the security content of Security Update 2008-003 / Mac OS X 10.5.3

2008-05-30 00:00:00

openvas

Slackware Advisory SSA:2008-210-02 httpd

2012-09-11 00:00:00

HP OpenView Network Node Manager XSS Vulnerability

2008-12-02 00:00:00

Slackware: Security Advisory (SSA:2008-210-02)

2012-09-10 00:00:00

slackware

[slackware-security] httpd

2008-07-29 05:31:49

[slackware-security] apache

2008-02-15 01:23:13

[slackware-security] httpd

2008-02-15 01:22:54

redhat

(RHSA-2008:0007) Moderate: httpd security update

2008-01-15 00:00:00

(RHSA-2008:0006) Moderate: httpd security update

2008-01-15 00:00:00

(RHSA-2008:0004) Moderate: apache security update

2008-01-15 00:00:00

centos

apache security update

2008-01-16 02:42:35

httpd, mod_ssl security update

2008-01-15 13:48:01

httpd, mod_ssl security update

2008-01-15 12:48:29

oraclelinux

Moderate: httpd security update

2008-01-15 00:00:00

Moderate: httpd security update

2008-01-15 00:00:00

Moderate: httpd security update

2008-01-15 00:00:00

altlinux

Security fix for the ALT Linux 9 package apache2 version 2.2.8-alt1

2008-02-29 00:00:00

Security fix for the ALT Linux 10 package apache2 version 2.2.8-alt1

2008-02-29 00:00:00

Security fix for the ALT Linux 8 package apache2 version 2.2.8-alt1

2008-02-29 00:00:00

fedora

[SECURITY] Fedora 8 Update: httpd-2.2.8-1.fc8

2008-02-16 02:11:16

[SECURITY] Fedora 7 Update: httpd-2.2.8-1.fc7

2008-02-16 02:08:32

suse

cross site scripting in apache2,apache

2008-04-04 16:29:16

vmware

VMware Hosted products update libpng and Apache HTTP Server

2009-08-20 00:00:00

VMware Hosted products update libpng and Apache HTTP Server

2009-08-20 00:00:00

ubuntu

Apache vulnerabilities

2008-02-04 00:00:00

oracle

Oracle Critical Patch Update - July 2013

2013-07-16 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.646 Medium

EPSS

Percentile

97.9%

JSON

Related for JVN:80057925