Описание
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | code not present |
| devel | not-affected | 2.5.9-1 |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | ignored | end of life |
| karmic | not-affected | 2.5.9-1 |
| lucid | not-affected | 2.5.9-1 |
| maverick | not-affected | 2.5.9-1 |
| upstream | released | 2.5.9-1 |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remo ...
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
EPSS
4.3 Medium
CVSS2