54 matches found
httpd: mod_imagemap XSS
Cross-site scripting XSS vulnerability in the 1 modimap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the 2 modimagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Apache < 2.2.8 Multiple Vulnerabilities
Binary data 4385.prm...
Apache 2.2.x < 2.2.8 Multiple Vulnerabilities (XSS, DoS)
According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.8. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting issue involving modimagemap CVE-2007-5000. - A cross-site scripting issue involving 413 error pages via a...
Fedora 7 : httpd-2.2.8-1.fc7 (2008-1711)
Notes: This update includes the latest release of httpd 2.2, which fixes a number of minor security issues and other bugs. A flaw was found in the modimagemap module. On sites where modimagemap was enabled and an imagemap file was publicly available, a cross-site scripting attack was possible...
Fedora 8 : httpd-2.2.8-1.fc8 (2008-1695)
This update includes the latest release of httpd 2.2, which fixes a number of minor security issues and other bugs. A flaw was found in the modimagemap module. On sites where modimagemap was enabled and an imagemap file was publicly available, a cross-site scripting attack was possible...
Moderate: Red Hat Security Advisory: httpd security update
Updated Apache httpd packages that correct several security issues are now available for Red Hat Application Stack v2. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. These...
Moderate: Red Hat Security Advisory: httpd security update
Updated Apache httpd packages that correct security issues are now available for Red Hat Application Stack v1 This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the modimagemap...
Apache mod_imagemap和mod_imap模块跨站脚本漏洞
BUGTRAQ ID: 26838 CVECAN ID: CVE-2007-5000 Apache HTTP Server是一款流行的Web服务器。 Apache的modimagemap和modimap模块中没有正确地过滤某些用户输入,允许远程攻击者提交恶意的HTTP请求执行跨站脚本攻击。 Apache Group Apache 2.2.0 - 2.2.6 Apache Group Apache 2.0.35 - 2.0.61 Apache Group Apache 1.3.0 - 1.3.39 Apache Group ------------...
Preemptive Protection against Apache mod_imap and mod_imagemap Module Cross-Site Scripting Vulnerability
A cross-site scripting XSS vulnerability exists in Apache modimap and modimagemap Module. Apache HTTP server is a popular web server application. Successful exploitation of this vulnerability could result in execution of arbitrary code on a user's system...
JVN#80057925: Cross-site scripting vulnerability in Apache HTTP Server "mod_imap" and "mod_imagemap"
The Apache HTTP Server is open source web server software. The Apache HTTP Server modules modimap and modimagemap provide server-side imagemap processing capability. The Apache HTTP Server modules modimap and modimagemap are vulnerable to cross-site scripting. Impact An arbitrary script can be...
Apache Httpd < 2.2.8 : mod_imagemap XSS
A flaw was found in the modimagemap module. On sites where modimagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible...
Apache Httpd < 1.3.41 : mod_imagemap XSS
A flaw was found in the modimagemap module. On sites where modimagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible...
Apache Httpd < 2.0.63 : mod_imagemap XSS
A flaw was found in the modimagemap module. On sites where modimagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible...
JVN#06045169 mod_imap cross-site scripting vulnerability
Impact A remote attacker could execute a malicious script on the web browser of a user who accessed a web page where modimap or modimagemap is used. Solution Products Affected For more information, refer to the vendor's website...