4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
54.5%
The Apache HTTP Server is a popular and freely-available Web server.
A flaw in mod_imap when using the Referer directive with image maps was
discovered. With certain site configurations, a remote attacker could
perform a cross-site scripting attack if a victim can be forced to visit a
malicious URL using certain web browsers. The Common Vulnerabilities and
Exposures project assigned the name CVE-2005-3352 to this issue.
Users of apache should upgrade to these updated packages, which contain
a backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | i386 | apache-manual | < 1.3.27-10.ent | apache-manual-1.3.27-10.ent.i386.rpm |
RedHat | any | ia64 | apache-devel | < 1.3.27-10.ent | apache-devel-1.3.27-10.ent.ia64.rpm |
RedHat | any | i386 | apache-devel | < 1.3.27-10.ent | apache-devel-1.3.27-10.ent.i386.rpm |
RedHat | any | ia64 | apache-manual | < 1.3.27-10.ent | apache-manual-1.3.27-10.ent.ia64.rpm |
RedHat | any | ia64 | apache | < 1.3.27-10.ent | apache-1.3.27-10.ent.ia64.rpm |
RedHat | any | i386 | apache | < 1.3.27-10.ent | apache-1.3.27-10.ent.i386.rpm |