Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2002-0840

Опубликовано: 11 окт. 2002
Источник: debian
EPSS Критический

Описание

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
apache2fixed2.0.43-1package
apachefixed1.3.27-0.1package
apache-perlfixed1.3.26-1.1-1.27-3-1package

EPSS

Процентиль: 100%
0.91802
Критический

Связанные уязвимости

ubuntu
почти 23 года назад

Описание отсутствует

redhat
почти 23 года назад

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.

nvd
почти 23 года назад

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.

github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.

EPSS

Процентиль: 100%
0.91802
Критический