CVE-2007-6421 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-6421
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6421

Description: Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39474 UBUNTU http://www.ubuntu.com/usn/usn-575-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html SREASON http://securityreason.com/securityalert/3523 SAID Secunia Advisory: SA28977 Secunia Advisory: SA29420 Secunia Advisory: SA28526 Secunia Advisory: SA28749 Secunia Advisory: SA29640 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0009.html http://www.redhat.com/support/errata/RHSA-2008-0008.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:016 FEDORA CONFIRM http://docs.info.apple.com/article.html?artnum=307562 http://httpd.apache.org/security/vulnerabilities_22.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/486169/100/0/threaded BID 27236 APPLE http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Return to the previous page.