Vulnerability Name:

CVE-2005-3352 (CCN-23612)

Assigned:2005-12-12
Published:2005-12-12
Updated:2021-06-06
Summary:Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
CWE-79
Vulnerability Consequences:Gain Access
References:Source: SGI
Type: UNKNOWN
20060101-01-U

Source: MITRE
Type: CNA
CVE-2005-3352

Source: CCN
Type: Apple Web site
About Security Update 2008-002

Source: CONFIRM
Type: UNKNOWN
http://docs.info.apple.com/article.html?artnum=307562

Source: CCN
Type: HP Security Bulletin HPSBMA02328 SSRT071293 rev.1
HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code

Source: HP
Type: UNKNOWN
SSRT071293

Source: CCN
Type: Apache HTTP Server Project Web site
Apache httpd 1.3 vulnerabilities

Source: CCN
Type: ASF Bugzilla Bug 37874
CVE-2005-3352 mod_imap cross-site scripting flaw

Source: CONFIRM
Type: UNKNOWN
http://issues.apache.org/bugzilla/show_bug.cgi?id=37874

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-05-28

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-03-18

Source: SUSE
Type: UNKNOWN
SUSE-SR:2007:011

Source: SUSE
Type: UNKNOWN
SUSE-SR:2006:004

Source: HP
Type: UNKNOWN
SSRT090208

Source: CCN
Type: RHSA-2006-0158
apache security update

Source: CCN
Type: RHSA-2006-0159
httpd security update

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0159

Source: CCN
Type: RHSA-2006-0692
apache security update for Stronghold

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0692

Source: CCN
Type: RHSA-2008-0523
Low: Red Hat Network Proxy Server security update

Source: CCN
Type: SA17319
IBM HTTP Server HTTP Request Smuggling and mod_imap Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
17319

Source: CCN
Type: SA18008
Apache mod_imap "Referer" Cross-Site Scripting Vulnerability

Source: SECUNIA
Type: UNKNOWN
18008

Source: SECUNIA
Type: UNKNOWN
18333

Source: SECUNIA
Type: UNKNOWN
18339

Source: SECUNIA
Type: UNKNOWN
18340

Source: SECUNIA
Type: UNKNOWN
18429

Source: SECUNIA
Type: UNKNOWN
18517

Source: SECUNIA
Type: UNKNOWN
18526

Source: SECUNIA
Type: UNKNOWN
18585

Source: SECUNIA
Type: UNKNOWN
18743

Source: SECUNIA
Type: UNKNOWN
19012

Source: SECUNIA
Type: UNKNOWN
20046

Source: CCN
Type: SA20670
IBM HTTP Server HTTP mod_imap Cross-Site Scripting

Source: SECUNIA
Type: UNKNOWN
20670

Source: SECUNIA
Type: UNKNOWN
21744

Source: SECUNIA
Type: UNKNOWN
22140

Source: SECUNIA
Type: UNKNOWN
22368

Source: CCN
Type: SA22388
Sun Solaris Apache "mod_rewrite" and "mod_imap" Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
22388

Source: CCN
Type: SA22669
HP-UX VirtualVault / Webproxy Apache Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
22669

Source: SECUNIA
Type: UNKNOWN
23260

Source: SECUNIA
Type: UNKNOWN
25239

Source: CCN
Type: SA29420
Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
29420

Source: CCN
Type: SA29849
HP OpenView Network Node Manager Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
29849

Source: CCN
Type: SA30430
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
30430

Source: CCN
Type: SECTRACK ID: 1015344
Apache mod_imap Input Validation Flaw in Referer Field Lets Remote Users Conduct Cross-Site Scripting Attacks

Source: SECTRACK
Type: Patch
1015344

Source: SLACKWARE
Type: UNKNOWN
SSA:2006-130-01

Source: SLACKWARE
Type: UNKNOWN
SSA:2006-129-01

Source: CCN
Type: Sun Alert ID: 102662
Security Vulnerabilities in the Apache 2.0 Web Server "mod_rewrite" Module

Source: SUNALERT
Type: UNKNOWN
102662

Source: SUNALERT
Type: UNKNOWN
102663

Source: CCN
Type: ASA-2006-002
httpd security update (RHSA-2006-0159)

Source: CCN
Type: ASA-2006-042
apache security update (RHSA-2006-0158)

Source: CCN
Type: ASA-2006-261
HP-UX Apache Remote Execution of Arbitrary Code Denial of Service (DoS) and Unauthorized Access (HPSBUX02145)

Source: CCN
Type: IBM Support & downloads
PK25355; 2.0.47.1: IBM Http server V2.0.47 and V2.0.42 cumulative interim fix

Source: AIXAPAR
Type: UNKNOWN
PK16139

Source: AIXAPAR
Type: UNKNOWN
PK25355

Source: DEBIAN
Type: UNKNOWN
DSA-1167

Source: DEBIAN
Type: DSA-1167
apache -- missing input sanitising

Source: CCN
Type: GLSA-200602-03
Apache: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200602-03

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:043

Source: CCN
Type: OpenPKG-SA-2005.029
Apache mod_imap

Source: OPENPKG
Type: UNKNOWN
OpenPKG-SA-2005.029

Source: CCN
Type: Oracle Web Site
Oracle Critical Patch Update - July 2013

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

Source: FEDORA
Type: UNKNOWN
FEDORA-2006-052

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0158

Source: FEDORA
Type: UNKNOWN
FLSA-2006:175406

Source: HP
Type: UNKNOWN
HPSBUX02145

Source: HP
Type: UNKNOWN
SSRT061269

Source: HP
Type: UNKNOWN
SSRT061265

Source: BID
Type: UNKNOWN
15834

Source: CCN
Type: BID-15834
Apache 'mod_imap' Referer Cross-Site Scripting Vulnerability

Source: TRUSTIX
Type: UNKNOWN
TSLSA-2005-0074

Source: CCN
Type: TLSA-2006-1
Two vulnerabilities discovered in apache

Source: CCN
Type: USN-241-1
Apache vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-241-1

Source: CERT
Type: US Government Resource
TA08-150A

Source: VUPEN
Type: UNKNOWN
ADV-2005-2870

Source: VUPEN
Type: UNKNOWN
ADV-2006-2423

Source: VUPEN
Type: UNKNOWN
ADV-2006-3995

Source: VUPEN
Type: UNKNOWN
ADV-2006-4015

Source: VUPEN
Type: UNKNOWN
ADV-2006-4300

Source: VUPEN
Type: UNKNOWN
ADV-2006-4868

Source: VUPEN
Type: UNKNOWN
ADV-2008-0924

Source: VUPEN
Type: UNKNOWN
ADV-2008-1246

Source: VUPEN
Type: UNKNOWN
ADV-2008-1697

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:007

Source: XF
Type: UNKNOWN
apache-mod-imap-xss(23612)

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10480

Source: SUSE
Type: SUSE-SA:2006:043
ApacheApache2 mod_rewrite security problems

Source: SUSE
Type: SUSE-SR:2006:004
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2007:011
SUSE Security Summary Report

Source: CCN
Type: IBM Systems Support Web site
Support for HMC

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:http_server:1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.13:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.17:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.18:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.22:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.22:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.26:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.26:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.32:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.42:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.15:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.50:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.24:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.11:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.7:*:dev:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.51:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.41:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.15:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.29:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.24:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.12:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.19:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.28:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.16:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.23:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.23:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.47:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.27:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.14:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.35:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.37:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.55:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.14:*:mac_os:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.44:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.16:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.25:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.25:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.28:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.19:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.39:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.31:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.52:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.20:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.53:*:*:*:*:*:*:*
  • OR cpe:/a:apache:mod_imap:*:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.28:beta:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.49:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.30:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.32:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.38:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.18:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.48:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.45:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.20:*:win32:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.40:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.36:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.46:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.54:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.43:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:ibm:http_server:2.0.47:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:2.0.42.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:2.0.47.1:*:*:*:*:*:*:*
  • AND
  • cpe:/a:redhat:stronghold:-:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/a:hp:openview_network_node_manager:7.01:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:2.5:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:personal:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:multimedia:*:*:*:*:*
  • OR cpe:/a:hp:openview_network_node_manager:7.51:*:*:*:*:*:*:*
  • OR cpe:/a:hp:openview_network_node_manager:6.41:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:network_proxy:4.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:http_server:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20053352
    V
    		CVE-2005-3352
    2022-06-30
    oval:org.opensuse.security:def:111948
    P
    		apache2-2.4.49-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:105514
    P
    		apache2-2.4.49-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.mitre.oval:def:10480
    V
    		Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
    2013-04-29
    oval:org.debian:def:1167
    V
    		missing input sanitising
    2006-09-04
    oval:com.redhat.rhsa:def:20060159
    P
    		RHSA-2006:0159: httpd security update (Moderate)
    2006-01-05
    BACK
    apache http server 1.3.0
    apache http server 1.3.1
    apache http server 1.3.13
    apache http server 1.3.14
    apache http server 1.3.17
    apache http server 1.3.17
    apache http server 1.3.18
    apache http server 1.3.22
    apache http server 1.3.22
    apache http server 1.3.26
    apache http server 1.3.26
    apache http server 1.3.32
    apache http server 2.0.42
    apache http server 1.3.15
    apache http server 2.0.50
    apache http server 1.3.8
    apache http server 2.0.32 beta
    apache http server 2.0.34 beta
    apache http server 1.3.24
    apache http server 1.3.5
    apache http server 1.3.11
    apache http server 1.3.7
    apache http server 2.0.51
    apache http server 1.3.2
    apache http server 2.0.41
    apache http server 1.3.4
    apache http server 1.3.13
    apache http server 1.3
    apache http server 1.3.12
    apache http server 1.3.3
    apache http server 1.3.15
    apache http server 1.3.29
    apache http server 1.3.24
    apache http server 1.3.12
    apache http server 1.3.19
    apache http server 2.0.28
    apache http server 1.3.16
    apache http server 1.3.23
    apache http server 1.3.23
    apache http server 2.0.47
    apache http server 1.3.27
    apache http server 2.0.28 beta
    apache http server 1.3.10
    apache http server 1.3.14
    apache http server 2.0.35
    apache http server 2.0.37
    apache http server 2.0.55
    apache http server 1.3.14
    apache http server 2.0.44
    apache http server 1.3.16
    apache http server 1.3.25
    apache http server 1.3.25
    apache http server 1.3.28
    apache http server 1.3.19
    apache http server 2.0.39
    apache http server 1.3.31
    apache http server 2.0.52
    apache http server 1.3.20
    apache http server 2.0.53
    apache mod imap *
    apache http server 1.3.6
    apache http server 2.0.28 beta
    apache http server 2.0.49
    apache http server 2.0.9
    apache http server 1.3.30
    apache http server 2.0.32
    apache http server 2.0.38
    apache http server 1.3.18
    apache http server 2.0.48
    apache http server 2.0.45
    apache http server 1.3.9
    apache http server 1.3.20
    apache http server 2.0.40
    apache http server 2.0.36
    apache http server 2.0.46
    apache http server 1.3.11
    apache http server 2.0.54
    apache http server 2.0.43
    apache http server 1.3.7
    apache http server 2.0
    ibm http server 2.0.47
    ibm http server 2.0.42.2
    ibm http server 2.0.47.1
    redhat stronghold -
    openpkg openpkg current
    gentoo linux *
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    suse suse linux 9.2
    mandrakesoft mandrake linux 10.1
    redhat enterprise linux 4
    redhat enterprise linux 4
    hp openview network node manager 7.01
    redhat enterprise linux 4
    redhat enterprise linux 4
    debian debian linux 3.1
    sun solaris 10
    sun solaris 10
    suse suse linux 10.0
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 2006
    openpkg openpkg 2.5
    suse suse linux 10.1
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux 2006
    turbolinux turbolinux fuji
    turbolinux turbolinux personal *
    turbolinux turbolinux home *
    turbolinux turbolinux multimedia *
    hp openview network node manager 7.51
    hp openview network node manager 6.41
    apple mac os x 10.4.11
    apple mac os x server 10.4.11
    apple mac os x 10.5.2
    apple mac os x server 10.5.2
    redhat network proxy 4.2
    suse suse linux 9.3
    oracle http server -