CVE - CVE-2009-0796

CVE-ID
CVE-2009-0796	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1021508 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021508.1-1~~ (Obsolete source) MISC:1021709 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021709.1-1~~ (Obsolete source) MISC:1021988 URL:http://www.securitytracker.com/id?1021988 MISC:20090415 XSS with mod_perl perl_status utility URL:http://www.securityfocus.com/archive/1/502709/100/0/threaded MISC:34383 URL:http://www.securityfocus.com/bid/34383 MISC:34597 URL:http://secunia.com/advisories/34597 MISC:ADV-2009-0943 URL:~~http://www.vupen.com/english/advisories/2009/0943~~ (Obsolete source) MISC:APPLE-SA-2010-11-10-1 URL:http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html MISC:MDVSA-2009:091 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2009:091~~ (Obsolete source) MISC:[modperl-cvs] 20090401 svn commit: r761081 - in /perl/modperl/branches/1.x: Changes lib/Apache/Status.pm URL:http://www.gossamer-threads.com/lists/modperl/modperl-cvs/99477#99477 MISC:[modperl] 20090401 [SECURITY] [CVE-2009-0796] Vulnerability found in Apache::Status and Apache2::Status URL:http://www.gossamer-threads.com/lists/modperl/modperl/99475#99475 MISC:http://support.apple.com/kb/HT4435 URL:http://support.apple.com/kb/HT4435 MISC:http://svn.apache.org/viewvc/perl/modperl/branches/1.x/lib/Apache/Status.pm?r1=177851&r2=761081&pathrev=761081&diff_format=h URL:http://svn.apache.org/viewvc/perl/modperl/branches/1.x/lib/Apache/Status.pm?r1=177851&r2=761081&pathrev=761081&diff_format=h MISC:http://svn.apache.org/viewvc?view=rev&revision=761081 URL:http://svn.apache.org/viewvc?view=rev&revision=761081 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=494402 URL:https://bugzilla.redhat.com/show_bug.cgi?id=494402 MISC:https://launchpad.net/bugs/cve/2009-0796 URL:https://launchpad.net/bugs/cve/2009-0796 MISC:oval:org.mitre.oval:def:8488 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8488
Assigning CNA
Red Hat, Inc.
Date Record Created
20090304	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20090304)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.