Oval Definition:oval:org.mitre.oval:def:19539
Revision Date:2015-04-20Version:25
Title:HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Cross Site Scripting (XSS)
Description:Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2012-2687
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • HP-UX B.11.31
  • AND hpuxws22TOMCAT.TOMCAT version is less than D.7.0.35.01
    • BACK