Http Server@2.0.35 Security Vulnerabilities and Issues — Http Server@2.0.35 CVE List

Lucene search

ApacheHttp Server2.0.35

4 matches found

CVE•added 2008/06/13 6:41 p.m.•240 views

CVE-2008-2364

The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of inter...

5CVSS7.2AI score0.07143EPSS

CVE•added 2008/01/08 6:46 p.m.•218 views

CVE-2007-6388

Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS8AI score0.78768EPSS

CVE•added 2008/05/13 9:20 p.m.•154 views

CVE-2008-2168

Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.

4.3CVSS5.4AI score0.62976EPSS

CVE•added 2008/01/12 12:46 a.m.•123 views

CVE-2008-0005

mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.

4.3CVSS8.6AI score0.03487EPSS