Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache http server 2.2.0 vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2007-6420
Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors....
Apache Http Server 2.2.0Apache Http Server 2.2.2Apache Http Server 2.2.4Apache Http Server 2.2.6Apache Http Server 2.2.3Apache Http Server -
NA
CVE-2009-1195
The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a...
Apache Http Server 2.2Apache Http Server 2.2.0Apache Http Server 2.2.10Apache Http Server 2.2.2Apache Http Server 2.2.4Apache Http ServerApache Http Server 2.2.8Apache Http Server 2.2.7Apache Http Server 2.2.6Apache Http Server 2.2.9Apache Http Server 2.2.3Apache Http Server 2.2.1Apache Http Server -
NA
CVE-2010-0408
The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server...
Apache Http Server 2.2Apache Http Server 2.2.11Apache Http Server 2.2.0Apache Http Server 2.2.13Apache Http Server 2.2.2Apache Http Server 2.2.4Apache Http Server 2.2.8Apache Http Server 2.2.14Apache Http Server 2.2.6Apache Http Server 2.2.9Apache Http Server 2.2.12Apache Http Server 2.2.3
NA
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client...
Apache Http Server 2.0.51Apache Http Server 2.0.52Apache Http Server 2.1.2Apache Http Server 2.1.3Apache Http Server 2.2.2Apache Http Server 2.2.3Apache Http Server 2.0.46Apache Http Server 2.0.53Apache Http Server 2.0.54Apache Http Server 2.0.55Apache Http Server 2.1.4Apache Http Server 2.1.5Apache Http Server 2.2.4Apache Http Server 2.0.47Apache Http Server 2.0.48Apache Http Server 2.0.57Apache Http Server 2.0.58Apache Http Server 2.1.6Apache Http Server 2.1.7Apache Http Server 2.0.49Apache Http Server 2.0.50Apache Http Server 2.0.59Apache Http Server 2.1.1Apache Http Server 2.1.8Apache Http Server 2.2.0
NA
CVE-2012-2687
Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or...
Apache Http Server 2.2.23Apache Http Server 2.4.1Apache Http Server 2.2.11Apache Http Server 2.2.0Apache Http Server 2.2.10Apache Http Server 2.2.13Apache Http Server 2.2.2Apache Http Server 2.4.0Apache Http Server 2.2.4Apache Http Server 2.2.17Apache Http Server 2.2.16Apache Http Server 2.2.21Apache Http Server 2.2.8Apache Http Server 2.2.14Apache Http Server 2.2.6Apache Http Server 2.2.22Apache Http Server 2.2.19Apache Http Server 2.2.9Apache Http Server 2.2.18Apache Http Server 2.2.12Apache Http Server 2.2.3Apache Http Server 2.4.2Apache Http Server 2.2.15Apache Http Server 2.2.20Apache Http Server 2.2.1
NA
CVE-2012-4558
Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject...
Apache Http Server 2.2.23Apache Http Server 2.2Apache Http Server 2.2.11Apache Http Server 2.2.0Apache Http Server 2.2.10Apache Http Server 2.2.13Apache Http Server 2.2.2Apache Http Server 2.2.4Apache Http Server 2.2.17Apache Http Server 2.2.16Apache Http Server 2.2.21Apache Http Server 2.2.8Apache Http Server 2.2.14Apache Http Server 2.2.6Apache Http Server 2.2.22Apache Http Server 2.2.19Apache Http Server 2.2.9Apache Http Server 2.2.18Apache Http Server 2.2.12Apache Http Server 2.2.3Apache Http Server 2.2.15Apache Http Server 2.2.20Apache Http Server 2.2.1Apache Http Server 2.4.1Apache Http Server 2.4.0Apache Http Server 2.4.3Apache Http Server 2.4.2
NA
CVE-2012-3499
Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3)...
Apache Http Server 2.2.23Apache Http Server 2.2Apache Http Server 2.2.11Apache Http Server 2.2.0Apache Http Server 2.2.10Apache Http Server 2.2.13Apache Http Server 2.2.2Apache Http Server 2.2.4Apache Http Server 2.2.17Apache Http Server 2.2.16Apache Http Server 2.2.21Apache Http Server 2.2.8Apache Http Server 2.2.14Apache Http Server 2.2.6Apache Http Server 2.2.22Apache Http Server 2.2.19Apache Http Server 2.2.9Apache Http Server 2.2.18Apache Http Server 2.2.12Apache Http Server 2.2.3Apache Http Server 2.2.15Apache Http Server 2.2.20Apache Http Server 2.2.1Apache Http Server 2.4.1Apache Http Server 2.4.0Apache Http Server 2.4.3Apache Http Server 2.4.2
6.1
CVSSv3
CVE-2016-4975
Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache...
Apache Http Server 2.2.23Apache Http Server 2.4.1Apache Http Server 2.4.20Apache Http Server 2.2.11Apache Http Server 2.2.0Apache Http Server 2.2.31Apache Http Server 2.2.10Apache Http Server 2.4.6Apache Http Server 2.2.13Apache Http Server 2.2.2Apache Http Server 2.4.12Apache Http Server 2.2.4Apache Http Server 2.2.17Apache Http Server 2.2.16Apache Http Server 2.2.21Apache Http Server 2.4.3Apache Http Server 2.4.23Apache Http Server 2.2.8Apache Http Server 2.4.4Apache Http Server 2.4.10Apache Http Server 2.4.7Apache Http Server 2.2.14Apache Http Server 2.2.24Apache Http Server 2.2.25Apache Http Server 2.2.6Apache Http Server 2.2.22Apache Http Server 2.2.19Apache Http Server 2.2.27Apache Http Server 2.2.9Apache Http Server 2.4.18Apache Http Server 2.2.18Apache Http Server 2.2.12Apache Http Server 2.2.29Apache Http Server 2.2.3Apache Http Server 2.4.2Apache Http Server 2.2.15Apache Http Server 2.2.20Apache Http Server 2.4.17Apache Http Server 2.4.16Apache Http Server 2.4.9Apache Http Server 2.2.26
9.8
CVSSv3
CVE-2017-3169
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port....
Apache Http Server 2.2.23Apache Http Server 2.4.1Apache Http Server 2.4.20Apache Http Server 2.2.11Apache Http Server 2.2.0Apache Http Server 2.2.31Apache Http Server 2.2.13Apache Http Server 2.2.2Apache Http Server 2.4.12Apache Http Server 2.2.17Apache Http Server 2.2.16Apache Http Server 2.2.21Apache Http Server 2.4.23Apache Http Server 2.4.10Apache Http Server 2.2.14Apache Http Server 2.2.24Apache Http Server 2.2.25Apache Http Server 2.2.30Apache Http Server 2.2.22Apache Http Server 2.2.19Apache Http Server 2.2.27Apache Http Server 2.4.25Apache Http Server 2.4.18Apache Http Server 2.2.18Apache Http Server 2.2.12Apache Http Server 2.2.32Apache Http Server 2.2.29Apache Http Server 2.2.3Apache Http Server 2.4.2Apache Http Server 2.2.15Apache Http Server 2.2.20Apache Http Server 2.4.17Apache Http Server 2.4.16Apache Http Server 2.2.26
NA
CVE-2008-2939
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a...
Apache Http Server 2.2.0Apache Http Server 2.2.2Apache Http Server 2.2.4Apache Http Server 2.2.8Apache Http Server 2.2.6Apache Http Server 2.2.9Apache Http ServerApache Http Server 2.2.3Apache Http Server 2.2.1Apache Http Server -Canonical Ubuntu Linux 6.06Opensuse Opensuse 10.2Canonical Ubuntu Linux 7.10Apple Mac Os XOpensuse Opensuse 11.0Opensuse Opensuse 10.3Canonical Ubuntu Linux 8.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
local file inclusionCVE-2023-46773CVE-2023-49376CVE-2023-49377hard-codedCVE-2023-49241local usersCVE-2023-23397CVE-2023-26360
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook