Anfälligkeitssuche        Suche in 211766 CVE Beschreibungen
und 97459 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CVE-2007-6203
Beschreibung:Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross- site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.
Test Kennungen: Nicht verfügbar
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2007-6203
BugTraq ID: 26663
Bugtraq: 20071130 PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method (Google Search)
HPdes Security Advisory: HPSBUX02465
HPdes Security Advisory: HPSBUX02612
HPdes Security Advisory: SSRT090192
HPdes Security Advisory: SSRT100345
SuSE Security Announcement: SUSE-SA:2008:021 (Google Search)
XForce ISS Database: apache-413error-xss(38800)

© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.