Http Server@2.2.3 Security Vulnerabilities and Issues — Http Server@2.2.3 CVE List

Lucene search

ApacheHttp Server2.2.3

5 matches found

CVE•added 2008/01/12 12:46 a.m.•296 views

CVE-2007-6423

Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue

7.8CVSS6.5AI score0.02941EPSS

CVE•added 2008/01/08 6:46 p.m.•186 views

CVE-2007-6422

The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.

4CVSS5.8AI score0.00611EPSS

CVE•added 2008/01/12 12:46 a.m.•185 views

CVE-2007-6420

Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.

4.3CVSS6.7AI score0.16983EPSS

CVE•added 2008/01/08 7:46 p.m.•175 views

CVE-2007-6421

Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.

3.5CVSS7.8AI score0.02116EPSS

CVE•added 2008/05/13 9:20 p.m.•153 views

CVE-2008-2168

Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.

4.3CVSS5.4AI score0.64917EPSS