Lucene search
K

5 matches found

CVE
CVE
added 2013/07/23 3:0 p.m.2014 views

CVE-2013-2249

CVE-2013-2249 concerns Apache HTTP Server’s mod_session_dbd. The issue arises when mod_session_dbd proceeds with save operations for a session without honoring the dirty flag or requiring a new session ID, as described in multiple sources. Public references indicate the vulnerability is associate...

7.5CVSS6.4AI score0.14255EPSS
CVE
CVE
added 2013/02/26 4:0 p.m.1352 views

CVE-2012-3499

CVE-2012-3499 affects Apache HTTP Server 2.2.x (pre-2.2.24-dev) and 2.4.x (pre-2.4.4). The issue comprises multiple XSS flaws in modules including mod_imagemap, mod_info, mod_ldap, mod_proxy_ftp, and mod_status. An attacker can inject arbitrary web script/HTML via crafted Host header or URI-relat...

4.3CVSS6AI score0.22913EPSS
CVE
CVE
added 2013/07/10 8:0 p.m.1257 views

CVE-2013-1896

The CVE-2013-1896 issue affects the Apache HTTP Server: mod_dav.c fails to correctly determine if DAV is enabled for a URI, allowing a remote attacker to trigger a segfault via a MERGE request when the URI is handled by mod_dav_svn and the href in the XML data points to a non-DAV URI. This can le...

4.3CVSS6.2AI score0.29484EPSS
CVE
CVE
added 2013/06/10 5:0 p.m.1170 views

CVE-2013-1862

CVE-2013-1862 affects Apache HTTP Server 2.2.x up to 2.2.24, where mod_rewrite writes log data without sanitizing non‑printable characters. This can allow a remote attacker to execute arbitrary commands by sending an HTTP request containing an escape sequence for a terminal emulator, with some so...

5.1CVSS6.9AI score0.24886EPSS
CVE
CVE
added 2013/02/26 4:0 p.m.1151 views

CVE-2012-4558

CVE-2012-4558 is an XSS vulnerability in Apache HTTP Server's balancer_handler (mod_proxy_balancer). Remote attackers can inject arbitrary web script/HTML via a crafted string in the manager interface for Apache 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4. Impact is arbitrary script execution ...

4.3CVSS6AI score0.22913EPSS