CVE - CVE-2007-5000

CVE-ID
CVE-2007-5000	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20080716 rPSA-2008-0035-1 httpd mod_ssl URL:http://www.securityfocus.com/archive/1/494428/100/0/threaded BUGTRAQ:20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server URL:http://www.securityfocus.com/archive/1/505990/100/0/threaded MLIST:[security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server URL:http://lists.vmware.com/pipermail/security-announce/2009/000062.html CONFIRM:http://httpd.apache.org/security/vulnerabilities_13.html CONFIRM:http://httpd.apache.org/security/vulnerabilities_20.html CONFIRM:http://httpd.apache.org/security/vulnerabilities_22.html CONFIRM:http://www.fujitsu.com/global/support/software/security/products-f/interstage-200801e.html CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm CONFIRM:http://docs.info.apple.com/article.html?artnum=307562 CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html AIXAPAR:PK58024 URL:http://www-1.ibm.com/support/docview.wss?uid=swg1PK58024 AIXAPAR:PK58074 URL:http://www-1.ibm.com/support/docview.wss?uid=swg1PK58074 AIXAPAR:PK63273 URL:http://www-1.ibm.com/support/docview.wss?uid=swg1PK63273 AIXAPAR:PK65782 URL:http://www-1.ibm.com/support/docview.wss?uid=swg24019245 APPLE:APPLE-SA-2008-03-18 URL:http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html APPLE:APPLE-SA-2008-05-28 URL:http://lists.apple.com/archives/security-announce/2008//May/msg00001.html FEDORA:FEDORA-2008-1695 URL:https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html FEDORA:FEDORA-2008-1711 URL:https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html HP:HPSBUX02308 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501 HP:SSRT080010 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501 HP:HPSBMA02388 URL:http://www.securityfocus.com/archive/1/498523/100/0/threaded HP:SSRT080059 URL:http://www.securityfocus.com/archive/1/498523/100/0/threaded HP:HPSBOV02683 URL:http://marc.info/?l=bugtraq&m=130497311408250&w=2 HP:SSRT090208 URL:http://marc.info/?l=bugtraq&m=130497311408250&w=2 MANDRIVA:MDVSA-2008:014 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:014 MANDRIVA:MDVSA-2008:015 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:015 MANDRIVA:MDVSA-2008:016 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:016 REDHAT:RHSA-2008:0004 URL:http://www.redhat.com/support/errata/RHSA-2008-0004.html REDHAT:RHSA-2008:0005 URL:http://www.redhat.com/support/errata/RHSA-2008-0005.html REDHAT:RHSA-2008:0006 URL:http://www.redhat.com/support/errata/RHSA-2008-0006.html REDHAT:RHSA-2008:0007 URL:http://www.redhat.com/support/errata/RHSA-2008-0007.html REDHAT:RHSA-2008:0008 URL:http://www.redhat.com/support/errata/RHSA-2008-0008.html REDHAT:RHSA-2008:0009 URL:http://www.redhat.com/support/errata/RHSA-2008-0009.html REDHAT:RHSA-2008:0261 URL:http://www.redhat.com/support/errata/RHSA-2008-0261.html SLACKWARE:SSA:2008-045-02 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748 SUNALERT:233623 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1 SUSE:SUSE-SA:2008:021 URL:http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html UBUNTU:USN-575-1 URL:http://www.ubuntu.com/usn/usn-575-1 CERT:TA08-150A URL:http://www.us-cert.gov/cas/techalerts/TA08-150A.html BID:26838 URL:http://www.securityfocus.com/bid/26838 OVAL:oval:org.mitre.oval:def:9539 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9539 SECUNIA:32800 URL:http://secunia.com/advisories/32800 VUPEN:ADV-2007-4201 URL:http://www.vupen.com/english/advisories/2007/4201 VUPEN:ADV-2007-4202 URL:http://www.vupen.com/english/advisories/2007/4202 VUPEN:ADV-2007-4301 URL:http://www.vupen.com/english/advisories/2007/4301 VUPEN:ADV-2008-0084 URL:http://www.vupen.com/english/advisories/2008/0084 VUPEN:ADV-2008-0178 URL:http://www.vupen.com/english/advisories/2008/0178 VUPEN:ADV-2008-0398 URL:http://www.vupen.com/english/advisories/2008/0398 VUPEN:ADV-2008-0809 URL:http://www.vupen.com/english/advisories/2008/0809/references VUPEN:ADV-2008-0924 URL:http://www.vupen.com/english/advisories/2008/0924/references VUPEN:ADV-2008-1224 URL:http://www.vupen.com/english/advisories/2008/1224/references VUPEN:ADV-2008-1623 URL:http://www.vupen.com/english/advisories/2008/1623/references VUPEN:ADV-2008-1697 URL:http://www.vupen.com/english/advisories/2008/1697 VUPEN:ADV-2008-1875 URL:http://www.vupen.com/english/advisories/2008/1875/references OSVDB:39134 URL:http://www.osvdb.org/39134 SECTRACK:1019093 URL:http://securitytracker.com/id?1019093 SECUNIA:28046 URL:http://secunia.com/advisories/28046 SECUNIA:28073 URL:http://secunia.com/advisories/28073 SECUNIA:28081 URL:http://secunia.com/advisories/28081 SECUNIA:28196 URL:http://secunia.com/advisories/28196 SECUNIA:28375 URL:http://secunia.com/advisories/28375 SECUNIA:28467 URL:http://secunia.com/advisories/28467 SECUNIA:28471 URL:http://secunia.com/advisories/28471 SECUNIA:28525 URL:http://secunia.com/advisories/28525 SECUNIA:28526 URL:http://secunia.com/advisories/28526 SECUNIA:28607 URL:http://secunia.com/advisories/28607 SECUNIA:28749 URL:http://secunia.com/advisories/28749 SECUNIA:28750 URL:http://secunia.com/advisories/28750 SECUNIA:28977 URL:http://secunia.com/advisories/28977 SECUNIA:28922 URL:http://secunia.com/advisories/28922 SECUNIA:29420 URL:http://secunia.com/advisories/29420 SECUNIA:29640 URL:http://secunia.com/advisories/29640 SECUNIA:29806 URL:http://secunia.com/advisories/29806 SECUNIA:29988 URL:http://secunia.com/advisories/29988 SECUNIA:30356 URL:http://secunia.com/advisories/30356 SECUNIA:30430 URL:http://secunia.com/advisories/30430 SECUNIA:31142 URL:http://secunia.com/advisories/31142 SECUNIA:30732 URL:http://secunia.com/advisories/30732 XF:apache-modimagemap-xss(39002) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/39002 XF:apache-modimap-xss(39001) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/39001
Assigning CNA
N/A
Date Entry Created
20070920	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070920)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org