Apache HTTP Server 403 Error Cross-Site Scripting Vulnerability
Schweregrad:: Mittel
CVE Kennungen:: CVE-2008-2168
Hinweisdatum: 21 Juli 2015
Beschreibung
Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1002562
Trend Micro Deep Security DPI Rule Name: 1002562 - Apache HTTP Server 403 Error Cross-Site Scripting Vulnerability
Betroffene Software und Version:
- apache http_server 2.0
- apache http_server 2.0.28
- apache http_server 2.0.32
- apache http_server 2.0.34