oval:org.mitre.oval:def:6089

Definition Id: oval:org.mitre.oval:def:6089

Oval ID:	oval:org.mitre.oval:def:6089
Title:	HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS)
Description:	Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-4465	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02365 HP Release B.11.11 AND filesets tests hpuxwsAPACHE.PHP version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.PHP2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.APACHE version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.APACHE2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.MOD_JK version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.WEBPROXY version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.MOD_PERL version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.59.07.01 OR Criteria meets HP Security Bulletin HPSBUX02365 platforms HP-UX B.11.31 AND HP Release B.11.23 AND filesets tests hpuxwsAPCH32.PHP version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.APACHE2 version is less than B.2.0.59.07.01 AND hpuxwsAPCH32.PHP2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.MOD_JK version is less than B.2.0.59.07.01 AND hpuxwsAPCH32.APACHE version is less than B.2.0.59.07.01 AND hpuxwsAPCH32.APACHE2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.MOD_PERL version is less than B.2.0.59.07.01 AND hpuxwsAPCH32.AUTH_LDAP version is less than B.2.0.59.07.01 AND hpuxwsAPCH32.AUTH_LDAP2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.59.07.01 AND hpuxwsAPCH32.MOD_JK version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.PHP version is less than B.2.0.59.07.01 AND hpuxwsAPCH32.MOD_JK2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.PHP2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.WEBPROXY version is less than B.2.0.59.07.01 AND hpuxwsAPCH32.MOD_PERL version is less than B.2.0.59.07.01 AND hpuxwsAPCH32.WEBPROXY version is less than B.2.0.59.07.01 AND hpuxwsAPCH32.MOD_PERL2 version is less than B.2.0.59.07.01 AND hpuxwsAPACHE.APACHE version is less than B.2.0.59.07.01

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0310s

Facebook rss twitter linkedin mail