Apache HTTP Server 403 Error Cross-Site Scripting Vulnerability
Publish date: 21 de julio de 2015
Gravedad: Medio
Identificadores de CVE : CVE-2008-2168
Fecha recomendada: 21 de julio de 2015
Descripción
Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1002562
Trend Micro Deep Security DPI Rule Name: 1002562 - Apache HTTP Server 403 Error Cross-Site Scripting Vulnerability
Software y versión afectados
- apache http_server 2.0
- apache http_server 2.0.28
- apache http_server 2.0.32
- apache http_server 2.0.34