httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jor...@apache.org
Subject svn commit: r603343 - /httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml
Date Tue, 11 Dec 2007 19:47:52 GMT
Author: jorton
Date: Tue Dec 11 11:47:40 2007
New Revision: 603343

URL: http://svn.apache.org/viewvc?rev=603343&view=rev
Log:
Add CVE-2007-5000.

Modified:
    httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml

Modified: httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml?rev=603343&r1=603342&r2=603343&view=diff
==============================================================================
--- httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml (original)
+++ httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml Tue Dec 11 11:47:40 2007
@@ -1,4 +1,20 @@
-<security updated="20070907">
+<security updated="20071211">
+
+<issue fixed="2.2.7-dev" public="20071211" reported="20071023">
+<cve name="CVE-2007-5000"/>
+<severity level="3">moderate</severity>      
+<title>mod_imagemap XSS</title>
+<description><p>
+A flaw was found in the mod_imagemap module. On sites where
+mod_imagemap is enabled and an imagemap file is publicly available, a
+cross-site scripting attack is possible.</p></description>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
 
 <issue fixed="2.2.6" public="20061210" reported="20061210" released="20070907">
 <cve name="CVE-2007-3847"/>



Mime
View raw message