Published: 10/11/2009 Updated: 24/11/2009

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

The Apache HTTP Server in Apple Mac OS X prior to 10.6.2 enables the HTTP TRACE method, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via unspecified web client software.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x 10.5.5
apple mac os x 10.5.4
apple mac os x
apple mac os x 10.3.0
apple mac os x 10.3.5
apple mac os x 10.3.6
apple mac os x 10.2.5
apple mac os x 10.2.6
apple mac os x 10.1.1
apple mac os x 10.1.4
apple mac os x 10.5.8
apple mac os x 10.5.1
apple mac os x 10.5.0
apple mac os x 10.3.1
apple mac os x 10.3.2
apple mac os x 10.5.3
apple mac os x 10.5.2
apple mac os x 10.3.9
apple mac os x 10.3.8
apple mac os x 10.3
apple mac os x 10.3.7
apple mac os x 10.2.0
apple mac os x 10.2.7
apple mac os x 10.2.8
apple mac os x 10.1.3
apple mac os x 10.1.5
apple mac os x 10.4
apple mac os x 10.4.4
apple mac os x 10.4.5
apple mac os x 10.0
apple mac os x 10.0.3
apple mac os x 10.2.1
apple mac os x 10.2.2
apple mac os x 10.2
apple mac os x 10.1.0
apple mac os x 10.4.0
apple mac os x 10.4.1
apple mac os x 10.4.6
apple mac os x 10.4.7
apple mac os x 10.0.2
apple mac os x 10.0.4
apple mac os x 10.4.2
apple mac os x 10.4.3
apple mac os x 10.0.0
apple mac os x 10.0.1
apple mac os x 10.5.7
apple mac os x 10.5.6
apple mac os x 10.5
apple mac os x 10.6
apple mac os x 10.3.3
apple mac os x 10.3.4
apple mac os x 10.2.3
apple mac os x 10.2.4
apple mac os x 10.1
apple mac os x 10.1.2
apple mac os x 10.4.10
apple mac os x 10.4.11
apple mac os x 10.4.8
apple mac os x 10.4.9
apple mac os x server 10.5.4
apple mac os x server 10.5.3
apple mac os x server 10.4.9
apple mac os x server 10.4.8
apple mac os x server 10.4.11
apple mac os x server 10.4.10
apple mac os x server 10.3.3
apple mac os x server 10.3.6
apple mac os x server 10.2.3
apple mac os x server 10.2
apple mac os x server 10.2.5
apple mac os x server 10.1.4
apple mac os x server 10.5.2
apple mac os x server 10.5.1
apple mac os x server 10.4.7
apple mac os x server 10.4.6
apple mac os x server 10.4.1
apple mac os x server 10.4.0
apple mac os x server 10.3.5
apple mac os x server 10.3.0
apple mac os x server 10.2.1
apple mac os x server 10.2.0
apple mac os x server 10.1.0
apple mac os x server 10.1.5
apple mac os x server 10.1.2
apple mac os x server 10.0.2
apple mac os x server 10.0.3
apple mac os x server 10.5.7
apple mac os x server 10.5.6
apple mac os x server 10.5.5
apple mac os x server 10.6
apple mac os x server
apple mac os x server 10.4.3
apple mac os x server 10.4.2
apple mac os x server 10.3.9
apple mac os x server 10.3.4
apple mac os x server 10.3
apple mac os x server 10.2.2
apple mac os x server 10.2.7
apple mac os x server 10.2.4
apple mac os x server 10.1
apple mac os x server 10.0.4
apple mac os x server 10.0.0
apple mac os x server 10.0.1
apple mac os x server 10.5.8
apple mac os x server 10.5.0
apple mac os x server 10.5
apple mac os x server 10.4.5
apple mac os x server 10.4.4
apple mac os x server 10.4
apple mac os x server 10.3.8
apple mac os x server 10.3.7
apple mac os x server 10.3.1
apple mac os x server 10.3.2
apple mac os x server 10.2.8
apple mac os x server 10.2.6
apple mac os x server 10.1.3
apple mac os x server 10.1.1
apple mac os x server 10.0

CWE-79 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://support.apple.com/kb/HT3937 http://www.securityfocus.com/bid/36956 http://www.vupen.com/english/advisories/2009/3184 http://www.mandriva.com/security/advisories?name=MDVSA-2009:300 https://nvd.nist.gov

Get Started

CVE-2009-2823

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect