Lucene search
RootSSV:60653HistoryFeb 28, 2013 - 12:00 a.m.
Apache HTTP Server多个模块主机名和URI跨站脚本漏洞
2013-02-2800:00:00
Root
www.seebug.org
380
0.008 Low
EPSS
Percentile
79.2%
BUGTRAQ ID: 58165
CVE(CAN) ID: CVE-2012-3499
Apache HTTP Server是开源HTTP服务器。
Apache HTTP Server 2.4.4及之前版本在实现上存在多个XSS漏洞,通过模块(1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, (5) mod_status内的主机名和URI,远程攻击者可利用此漏洞注入任意js脚本和HTML。
0
Apache Group HTTP Server 2.4.x
Apache Group HTTP Server 2.2.x
厂商补丁:
Apache Group
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
prion
prion
Cross site scripting
2013-02-26 16:55:00
f5
f5
SOL15900 - Apache HTTP server vulnerability CVE-2012-3499
2014-12-10 00:00:00
K15900 : Apache HTTP server vulnerability CVE-2012-3499
2014-12-11 00:00:00
SOL15865 - Apache HTTP server vulnerability CVE-2012-4558
2014-11-25 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 08:52:43
Arbitrary Code Injection
2019-05-02 04:44:51
cve
cve
CVE-2012-3499
2013-02-26 16:55:00
httpd
httpd
Apache Httpd < 2.4.4 : XSS due to unescaped hostnames
2012-07-11 00:00:00
Apache Httpd < 2.2.24 : XSS due to unescaped hostnames
2012-07-11 00:00:00
ubuntucve
ubuntucve
CVE-2012-3499
2013-02-26 00:00:00
CVE-2012-4558
2013-02-26 00:00:00
debiancve
debiancve
CVE-2012-3499
2013-02-26 16:55:00
nessus
nessus
SuSE 11.2 Security Update : Apache (SAT Patch Number 7570)
2013-04-10 00:00:00
Amazon Linux AMI : httpd24 (ALAS-2013-175)
2013-09-04 00:00:00
SuSE 10 Security Update : Apache (ZYPP Patch Number 8530)
2013-04-10 00:00:00
freebsd
freebsd
apache22 -- several vulnerabilities
2012-10-07 00:00:00
openvas
openvas
Fedora Update for httpd FEDORA-2013-4541
2013-04-02 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-175)
2015-09-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:0648-1)
2021-06-09 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: httpd-2.4.4-2.fc18
2013-04-01 03:30:25
amazon
amazon
Medium: httpd24
2013-03-26 21:29:00
Medium: httpd
2013-03-26 21:25:00
Medium: httpd24
2013-05-24 13:57:00
slackware
slackware
httpd
2013-03-03 15:02:33
securityvulns
securityvulns
Apache security vulnerabilities
2013-03-02 00:00:00
[ MDVSA-2013:015 ] apache
2013-03-02 00:00:00
hackerone
hackerone
Pornhub: SSRF & XSS (W3 Total Cache)
2016-05-14 01:22:59
Marktplaats: Multiple Apache 2.2.22 Vulnerabilities (XSS/ Code Exec/ DoS)
2015-06-09 17:47:58
oraclelinux
oraclelinux
httpd security update
2013-05-13 00:00:00
debian
debian
[SECURITY] [DSA 2637-1] apache2 security update
2013-03-04 21:34:32
[SECURITY] [DSA 2637-1] apache2 security update
2013-03-04 21:34:32
redhat
redhat
(RHSA-2013:0815) Moderate: httpd security update
2013-05-13 00:00:00
(RHSA-2013:1011) Moderate: Red Hat JBoss Web Server 2.0.1 update
2013-07-03 00:00:00
(RHSA-2013:1012) Moderate: Red Hat JBoss Web Server 2.0.1 update
2013-07-03 15:40:17
osv
osv
apache2 - several
2013-03-04 00:00:00
centos
centos
httpd, mod_ssl security update
2013-05-13 22:32:03
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.2.24-alt1
2013-04-14 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.24-alt1
2013-04-14 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.24-alt1
2013-04-14 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2013-03-18 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2014
2014-01-14 00:00:00