CVE-2006-5752

NONECVSS 0.0

0.0

Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.

🔗 References (154)

secalert@redhathttp://bugs.gentoo.org/show_bug.cgi?id=186219
secalert@redhathttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112
secalert@redhathttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
secalert@redhathttp://httpd.apache.org/security/vulnerabilities_13.html
secalert@redhathttp://httpd.apache.org/security/vulnerabilities_20.html
secalert@redhathttp://httpd.apache.org/security/vulnerabilities_22.html
secalert@redhathttp://lists.vmware.com/pipermail/security-announce/2009/000062.html
secalert@redhathttp://osvdb.org/37052
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2007-0534.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2007-0556.html
secalert@redhathttp://secunia.com/advisories/25827
secalert@redhathttp://secunia.com/advisories/25830
secalert@redhathttp://secunia.com/advisories/25873
secalert@redhathttp://secunia.com/advisories/25920
secalert@redhathttp://secunia.com/advisories/26273

Is Your Infrastructure Affected by CVE-2006-5752?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-5752

📅 Published

🔄 Last Modified

🔗 References (154)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-5752?