Lucene search

K
nvd[email protected]NVD:CVE-2011-4940
HistoryJun 27, 2012 - 10:18 a.m.

CVE-2011-4940

2012-06-2710:18:36
CWE-79
web.nvd.nist.gov
1

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.004

Percentile

74.3%

The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 via UTF-7 encoding.

Affected configurations

NVD
Node
pythonpythonRange2.5.6
OR
pythonpythonMatch0.9.0
OR
pythonpythonMatch0.9.1
OR
pythonpythonMatch1.2
OR
pythonpythonMatch1.3
OR
pythonpythonMatch1.5.2
OR
pythonpythonMatch1.6
OR
pythonpythonMatch1.6.1
OR
pythonpythonMatch2.0.1
OR
pythonpythonMatch2.1.1
OR
pythonpythonMatch2.1.2
OR
pythonpythonMatch2.1.3
OR
pythonpythonMatch2.2.1
OR
pythonpythonMatch2.2.2
OR
pythonpythonMatch2.2.3
OR
pythonpythonMatch2.3.1
OR
pythonpythonMatch2.3.2
OR
pythonpythonMatch2.3.3
OR
pythonpythonMatch2.3.4
OR
pythonpythonMatch2.3.5
OR
pythonpythonMatch2.3.7
OR
pythonpythonMatch2.4.1
OR
pythonpythonMatch2.4.2
OR
pythonpythonMatch2.4.3
OR
pythonpythonMatch2.4.4
OR
pythonpythonMatch2.4.6
OR
pythonpythonMatch2.5.1
OR
pythonpythonMatch2.5.2
OR
pythonpythonMatch2.5.3
OR
pythonpythonMatch2.5.4
Node
pythonpythonMatch2.6.1
OR
pythonpythonMatch2.6.2
OR
pythonpythonMatch2.6.3
OR
pythonpythonMatch2.6.4
OR
pythonpythonMatch2.6.5
OR
pythonpythonMatch2.6.6
Node
pythonpythonMatch2.7.1
OR
pythonpythonMatch2.7.1rc1
OR
pythonpythonMatch2.7.2rc1

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.004

Percentile

74.3%