Gravità: : Medio
  Identificatori CVE: CVE-2012-4558
  Data notifica: 21 luglio 2015

  Descrizione

Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.

  Informazioni esposizione:

Apply associated Trend Micro DPI Rules.

  Soluzioni

  Trend Micro Deep Security DPI Rule Number: 1000552
  Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention

  Software e versione interessati:

  • apache http_server 2.2
  • apache http_server 2.2.0
  • apache http_server 2.2.1
  • apache http_server 2.2.10
  • apache http_server 2.2.11
  • apache http_server 2.2.12
  • apache http_server 2.2.13
  • apache http_server 2.2.14
  • apache http_server 2.2.15
  • apache http_server 2.2.16
  • apache http_server 2.2.17
  • apache http_server 2.2.18
  • apache http_server 2.2.19
  • apache http_server 2.2.2
  • apache http_server 2.2.20
  • apache http_server 2.2.21
  • apache http_server 2.2.22
  • apache http_server 2.2.23
  • apache http_server 2.2.3
  • apache http_server 2.2.4
  • apache http_server 2.2.6
  • apache http_server 2.2.8
  • apache http_server 2.2.9
  • apache http_server 2.4.0
  • apache http_server 2.4.1
  • apache http_server 2.4.2
  • apache http_server 2.4.3