FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

apache22 -- several vulnerabilities

Affected packages
2.2.0 < apache22 < 2.2.24
2.2.0 < apache22-event-mpm < 2.2.24
2.2.0 < apache22-itk-mpm < 2.2.24
2.2.0 < apache22-peruser-mpm < 2.2.24
2.2.0 < apache22-worker-mpm < 2.2.24

Details

VuXML ID 9c88d8a8-8372-11e2-a010-20cf30e32f6d
Discovery 2012-10-07
Entry 2013-03-02

Apache HTTP SERVER PROJECT reports:

low: XSS due to unescaped hostnames CVE-2012-3499

Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.

moderate: XSS in mod_proxy_balancer CVE-2012-4558

A XSS flaw affected the mod_proxy_balancer manager interface.

References

CVE Name CVE-2012-3499
CVE Name CVE-2012-4558