Oval Definition:
oval:org.mitre.oval:def:22498
Revision Date
:
2014-05-26
Version
:
36
Title
:
ELSA-2008:0008: httpd security update (Moderate)
Description
:
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2007-4465
CVE-2007-5000
CVE-2007-6388
CVE-2007-6421
CVE-2007-6422
CVE-2008-0005
ELSA-2008:0008-01
Platform(s)
:
Oracle Linux 5
Product(s)
:
httpd
Definition Synopsis
Oracle Linux 5.x
AND
rpm test
httpd-manual is earlier than 0:2.2.3-11.el5_1.3
OR
httpd-devel is earlier than 0:2.2.3-11.el5_1.3
OR
mod_ssl is earlier than 0:2.2.3-11.el5_1.3
OR
httpd is earlier than 0:2.2.3-11.el5_1.3
BACK