Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2007-5000

Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Related bugs and status

CVE-2007-5000 (Candidate) is related to these bugs:

Bug #163828: [apache2] Multiple vulnerabilities possibly resulting in a Denial of Service or the disclosure of sensitive information

Summary				In	Importance	Status
	163828	[apache2] Multiple vulnerabilities possibly resulting in a Denial of Service or the disclosure of sensitive information		apache2 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://httpd.apache.or...
CONFIRM: http://httpd.apache.or...
CONFIRM: http://httpd.apache.or...
SECUNIA: 28046
SECUNIA: 28073
BID: 26838
SECTRACK: 1019093
SECUNIA: 28081
AIXAPAR: PK58024
SECUNIA: 28196
AIXAPAR: PK58074
SECUNIA: 28375
REDHAT: RHSA-2008:0004
REDHAT: RHSA-2008:0005
REDHAT: RHSA-2008:0006
REDHAT: RHSA-2008:0007
REDHAT: RHSA-2008:0008
MANDRIVA: MDVSA-2008:014
MANDRIVA: MDVSA-2008:015
SECUNIA: 28467
SECUNIA: 28471
CONFIRM: http://www.fujitsu.com...
MANDRIVA: MDVSA-2008:016
SECUNIA: 28525
SECUNIA: 28526
CONFIRM: http://support.avaya.c...
SECUNIA: 28607
UBUNTU: USN-575-1
SECUNIA: 28749
HP: HPSBUX02308
HP: SSRT080010
SECUNIA: 28750
OSVDB: 39134
FEDORA: FEDORA-2008-1695
FEDORA: FEDORA-2008-1711
SECUNIA: 28977
SECUNIA: 28922
SUNALERT: 233623
CONFIRM: http://docs.info.apple...
APPLE: APPLE-SA-2008-03-18
SECUNIA: 29420
SUSE: SUSE-SA:2008:021
SECUNIA: 29640
AIXAPAR: PK63273
SECUNIA: 29806
REDHAT: RHSA-2008:0009
SECUNIA: 29988
AIXAPAR: PK65782
REDHAT: RHSA-2008:0261
SECUNIA: 30356
APPLE: APPLE-SA-2008-05-28
CERT: TA08-150A
SECUNIA: 30430
SECUNIA: 31142
SECUNIA: 30732
MLIST: [security-announce] 20...
VUPEN: ADV-2007-4201
VUPEN: ADV-2007-4202
VUPEN: ADV-2007-4301
VUPEN: ADV-2008-0084
VUPEN: ADV-2008-0178
VUPEN: ADV-2008-0398
VUPEN: ADV-2008-0809
VUPEN: ADV-2008-0924
VUPEN: ADV-2008-1224
VUPEN: ADV-2008-1623
VUPEN: ADV-2008-1697
VUPEN: ADV-2008-1875
SECUNIA: 32800
CONFIRM: http://www.oracle.com/...
HP: HPSBOV02683
HP: SSRT090208
SLACKWARE: SSA:2008-045-02
XF: apache-modimagemap-xss...
XF: apache-modimap-xss(39001)
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20080716 rPSA-2008-003...
BUGTRAQ: 20090821 VMSA-2009-001...
HP: HPSBMA02388
HP: SSRT080059
MLIST: [httpd-cvs] 20190815 s...
MLIST: [httpd-cvs] 20190815 s...
MLIST: [httpd-cvs] 20190815 s...
MLIST: [httpd-cvs] 20190815 s...
MLIST: [httpd-cvs] 20200401 s...
MLIST: [httpd-cvs] 20200401 s...
MLIST: [httpd-cvs] 20200401 s...
MLIST: [httpd-cvs] 20200401 s...
MLIST: [httpd-cvs] 20210330 s...
MLIST: [httpd-cvs] 20210330 s...
MLIST: [httpd-cvs] 20210330 s...
MLIST: [httpd-cvs] 20210330 s...
MLIST: [httpd-cvs] 20210330 s...
MLIST: [httpd-cvs] 20210330 s...
MLIST: [httpd-cvs] 20210330 s...
MLIST: [httpd-cvs] 20210330 s...
MLIST: [httpd-cvs] 20210330 s...
MLIST: [httpd-cvs] 20210330 s...
MLIST: [httpd-cvs] 20210606 s...
MLIST: [httpd-cvs] 20210606 s...
MLIST: [httpd-cvs] 20210606 s...