Apache HTTP Server 403 Error Cross-Site Scripting Vulnerability
Schweregrad: : Medium
Identificador(es) CVE: : CVE-2008-2168
Data do informe: 21 julho 2015
Descrição
Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1002562
Trend Micro Deep Security DPI Rule Name: 1002562 - Apache HTTP Server 403 Error Cross-Site Scripting Vulnerability
Software infectado e versão:
- apache http_server 2.0
- apache http_server 2.0.28
- apache http_server 2.0.32
- apache http_server 2.0.34