The ht://Dig system is a complete World Wide Web indexing and searching
system for a small domain or intranet.
A cross-site scripting flaw was discovered in a htdig search page. An
attacker could construct a carefully crafted URL, which once visited by an
unsuspecting user, could cause a user’s Web browser to execute malicious
script in the context of the visited htdig search Web page. (CVE-2007-6110)
Users of htdig are advised to upgrade to these updated packages, which
contain backported patch to resolve this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | ppc | htdig | < 3.2.0b6-4.el4_6 | htdig-3.2.0b6-4.el4_6.ppc.rpm |
RedHat | 4 | ppc | htdig-web | < 3.2.0b6-4.el4_6 | htdig-web-3.2.0b6-4.el4_6.ppc.rpm |
RedHat | 4 | ia64 | htdig-web | < 3.2.0b6-4.el4_6 | htdig-web-3.2.0b6-4.el4_6.ia64.rpm |
RedHat | 5 | ppc | htdig | < 3.2.0b6-9.0.1.el5_1 | htdig-3.2.0b6-9.0.1.el5_1.ppc.rpm |
RedHat | 4 | x86_64 | htdig-web | < 3.2.0b6-4.el4_6 | htdig-web-3.2.0b6-4.el4_6.x86_64.rpm |
RedHat | 5 | i386 | htdig-web | < 3.2.0b6-9.0.1.el5_1 | htdig-web-3.2.0b6-9.0.1.el5_1.i386.rpm |
RedHat | 4 | x86_64 | htdig | < 3.2.0b6-4.el4_6 | htdig-3.2.0b6-4.el4_6.x86_64.rpm |
RedHat | 4 | i386 | htdig-web | < 3.2.0b6-4.el4_6 | htdig-web-3.2.0b6-4.el4_6.i386.rpm |
RedHat | 4 | src | htdig | < 3.2.0b6-4.el4_6 | htdig-3.2.0b6-4.el4_6.src.rpm |
RedHat | 5 | s390x | htdig-web | < 3.2.0b6-9.0.1.el5_1 | htdig-web-3.2.0b6-9.0.1.el5_1.s390x.rpm |