CVE-2008-2168 - Secunia Advisories - Vulnerability Intelligence

Secunia Advisories

CVE Reference: CVE-2008-2168
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-2168

Description: Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/42303 SAID Secunia Advisory: SA31651 HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/491967/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/491930/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/491901/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/491862/100/0/threaded BID 29112

Return to the previous page.