CVE-2012-3499

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.

🔗 References (78)

secalert@redhathttp://httpd.apache.org/security/vulnerabilities_22.html
secalert@redhathttp://httpd.apache.org/security/vulnerabilities_24.html
secalert@redhathttp://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html
secalert@redhathttp://marc.info/?l=bugtraq&m=136612293908376&w=2
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2013-0815.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2013-1207.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2013-1208.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2013-1209.html
secalert@redhathttp://secunia.com/advisories/55032
secalert@redhathttp://support.apple.com/kb/HT5880
secalert@redhathttp://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_info.c?r1=1225799&r2=1413732&diff_format=h
secalert@redhathttp://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1389564&r2=1413732&diff_format=h
secalert@redhathttp://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c?r1=1209766&r2=1418752&diff_format=h
secalert@redhathttp://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_imagemap.c?r1=1398480&r2=1413732&diff_format=h

Is Your Infrastructure Affected by CVE-2012-3499?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-3499

📅 Published

🔄 Last Modified

🔗 References (78)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-3499?