admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2006/3xxx/CVE-2006-3918.json

308 lines
10 KiB
JSON
Raw Blame History

{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3918",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060508 Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html"
},
{
"name" : "20060724 Write-up by Amit Klein: \"Forging HTTP request headers with Flash\"",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html"
},
{
"name" : "http://svn.apache.org/viewvc?view=rev&revision=394965",
"refsource" : "CONFIRM",
"url" : "http://svn.apache.org/viewvc?view=rev&revision=394965"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm"
},
{
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117",
"refsource" : "CONFIRM",
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117"
},
{
"name" : "http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html",
"refsource" : "CONFIRM",
"url" : "http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html"
},
{
"name" : "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html",
"refsource" : "CONFIRM",
"url" : "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html"
},
{
"name" : "PK24631",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631"
},
{
"name" : "PK27875",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg24013080"
},
{
"name" : "DSA-1167",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1167"
},
{
"name" : "HPSBUX02465",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=125631037611762&w=2"
},
{
"name" : "SSRT090192",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=125631037611762&w=2"
},
{
"name" : "HPSBUX02612",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=129190899612998&w=2"
},
{
"name" : "SSRT100345",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=129190899612998&w=2"
},
{
"name" : "HPSBOV02683",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
},
{
"name" : "SSRT090208",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
},
{
"name" : "[3.9] 012: SECURITY FIX: October 7, 2006",
"refsource" : "OPENBSD",
"url" : "http://openbsd.org/errata.html#httpd2"
},
{
"name" : "RHSA-2006:0618",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0618.html"
},
{
"name" : "RHSA-2006:0619",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0619.html"
},
{
"name" : "RHSA-2006:0692",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0692.html"
},
{
"name" : "20060801-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P"
},
{
"name" : "SUSE-SA:2006:051",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_51_apache.html"
},
{
"name" : "SUSE-SA:2008:021",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
},
{
"name" : "USN-575-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-575-1"
},
{
"name" : "19661",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19661"
},
{
"name" : "oval:org.mitre.oval:def:10352",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352"
},
{
"name" : "oval:org.mitre.oval:def:12238",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238"
},
{
"name" : "1024144",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024144"
},
{
"name" : "40256",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40256"
},
{
"name" : "ADV-2006-2963",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2963"
},
{
"name" : "ADV-2006-2964",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2964"
},
{
"name" : "ADV-2006-3264",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3264"
},
{
"name" : "ADV-2006-4207",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4207"
},
{
"name" : "ADV-2006-5089",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/5089"
},
{
"name" : "1016569",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016569"
},
{
"name" : "21172",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21172"
},
{
"name" : "21174",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21174"
},
{
"name" : "21399",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21399"
},
{
"name" : "21478",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21478"
},
{
"name" : "21848",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21848"
},
{
"name" : "21598",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21598"
},
{
"name" : "21744",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21744"
},
{
"name" : "21986",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21986"
},
{
"name" : "22140",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22140"
},
{
"name" : "22317",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22317"
},
{
"name" : "22523",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22523"
},
{
"name" : "28749",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28749"
},
{
"name" : "29640",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29640"
},
{
"name" : "1294",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1294"
},
{
"name" : "ADV-2010-1572",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1572"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink