
CVE-2007-6420

Published: 12/01/2008 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote malicious users to gain privileges via unspecified vectors.

Vulnerable Product

apache http server 2.2.0

apache http server 2.2.2

apache http server 2.2.4

apache http server 2.2.6

apache http server 2.2.3

apache http server -

Vendor Advisories

Synopsis: Moderate: Red Hat Application Stack v2.2 security and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat Application Stack v2.2 is now available. This update fixes several security issues and adds various enhancements. This update has been rated as having moderate security imp ...

It was discovered that Apache did not sanitize the method specifier header from an HTTP request when it is returned in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output durin ...

References

CWE-352
http://www.securityfocus.com/bid/27236
http://securityreason.com/securityalert/3523
http://security.gentoo.org/glsa/glsa-200807-06.xml
http://secunia.com/advisories/31026
http://www.securityfocus.com/bid/31681
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://support.apple.com/kb/HT3216
http://secunia.com/advisories/32222
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html
http://www.redhat.com/support/errata/RHSA-2008-0966.html
http://marc.info/?l=bugtraq&m=123376588623823&w=2
http://secunia.com/advisories/33797
http://www.ubuntu.com/usn/USN-731-1
http://secunia.com/advisories/34219
http://www.vupen.com/english/advisories/2009/0320
http://www.vupen.com/english/advisories/2008/2780
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8371
http://www.securityfocus.com/archive/1/494858/100/0/threaded
http://www.securityfocus.com/archive/1/486169/100/0/threaded
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://access.redhat.com/errata/RHSA-2008:0966
https://nvd.nist.gov
https://usn.ubuntu.com/731-1/