Oval Definition:oval:org.opensuse.security:def:20076203
Revision Date:2015-11-16Version:1
Title:CVE-2007-6203
Description:
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2007-6203
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Novell Linux Desktop 9 SDK for x86
Novell Linux Desktop 9 SDK for x86_64
Open Enterprise Server
openSUSE 10.3
SUSE LINUX 10.1
Product(s):
Definition Synopsis
  • Release Information
  • sles9-nld is installed
  • AND libapr0 less than 2.0.59-1.8
  • OR
  • sles9-nld-sdk is installed
  • apache2-devel less than 2.0.59-1.8
  • OR apache2-prefork less than 2.0.59-1.8
  • OR apache2-worker less than 2.0.59-1.8
  • OR apache2 less than 2.0.59-1.8
  • OR
  • sles9-oes is installed
  • apache2-devel less than 2.0.59-1.8
  • OR apache2-doc less than 2.0.59-1.8
  • OR apache2-example-pages less than 2.0.59-1.8
  • OR apache2-prefork less than 2.0.59-1.8
  • OR apache2-worker less than 2.0.59-1.8
  • OR apache2 less than 2.0.59-1.8
  • OR libapr0 less than 2.0.59-1.8
  • OR Package Information
  • suse101 is installed
  • AND
  • apache2-devel less than 2.2.3-16.17.3
  • OR apache2-doc less than 2.2.3-16.17.3
  • OR apache2-example-pages less than 2.2.3-16.17.3
  • OR apache2-prefork less than 2.2.3-16.17.3
  • OR apache2-worker less than 2.2.3-16.17.3
  • OR apache2 less than 2.2.3-16.17.3
    • BACK