Bugsalert.com
Security News about Viruses, Spyware,
Trojans, Malware, XSS attacks.
Home | Recent | Sitemap

CVE-2008-0455 (Apache HTTP Server)
BugsAlert Home > CVE-2008-0455 (Apache HTTP Server)
 
 

Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is o...




Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0455

Learn more about CVE-2008-0455 (Apache HTTP Server)
 
Tags: cve-2008-0455 apache http server

Related Items
      Brief: "One-Character Patch" for DNS? Not so fast

      FrSIRT - Hummingbird Deployment Wizard ActiveX Remote Vulnerabilities

      make (linux) multiples buffer overflow

      CVE-2008-2547 (windows_installer)

      FrSIRT - Linux Kernel ASN.1 BER Decoding Remote Buffer Overflow Vulnerability

      CVE-2008-4109 (openssh)

      Mandriva: Updated kdebase package fixes a few bugs

 
© 2007-2009 BugsAlert.com Original template by Arcsin Hosted By 1and1


Pixel