CVE-2007-6203
Apache 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting
- Severity Score
- Exploit Likelihood
- Affected Versions
- Public Exploits: 3
- Exploited in Wild: -
- Decision
Descriptions
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2007-11-30 First Exploit
- 2007-12-03 CVE Reserved
- 2007-12-03 CVE Published
- 2024-08-07 CVE Updated
- 2024-10-06 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (32)
URL | Tag | Source |
---|---|---|
http://docs.info.apple.com/article.html?artnum=307562 | X_refsource_confirm | |
http://securityreason.com/securityalert/3411 | Third Party Advisory | |
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html | X_refsource_confirm | |
http://www.securityfocus.com/archive/1/484410/100/0/threaded | Mailing List | |
http://www.securitytracker.com/id?1019030 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/4060 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/4301 | Vdb Entry | |
http://www.vupen.com/english/advisories/2008/0924/references | Vdb Entry | |
http://www.vupen.com/english/advisories/2008/1623/references | Vdb Entry | |
http://www.vupen.com/english/advisories/2008/1875/references | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/38800 | Vdb Entry | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12166 | Signature | |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/30835 | 2007-11-30 | |
http://procheckup.com/Vulnerability_PR07-37.php | 2024-08-07 | |
http://www.securityfocus.com/bid/26663 | 2024-08-07 | |
URL | Date | SRC |
---|---|---|
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html | 2018-10-15 | |
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html | 2018-10-15 | |
http://marc.info/?l=bugtraq&m=125631037611762&w=2 | 2018-10-15 | |
http://marc.info/?l=bugtraq&m=129190899612998&w=2 | 2018-10-15 | |
http://secunia.com/advisories/27906 | 2018-10-15 | |
http://secunia.com/advisories/28196 | 2018-10-15 | |
http://secunia.com/advisories/29348 | 2018-10-15 | |
http://secunia.com/advisories/29420 | 2018-10-15 | |
http://secunia.com/advisories/29640 | 2018-10-15 | |
http://secunia.com/advisories/30356 | 2018-10-15 | |
http://secunia.com/advisories/30732 | 2018-10-15 | |
http://secunia.com/advisories/33105 | 2018-10-15 | |
http://secunia.com/advisories/34219 | 2018-10-15 | |
http://security.gentoo.org/glsa/glsa-200803-19.xml | 2018-10-15 | |
http://www-1.ibm.com/support/docview.wss?uid=swg1PK57952 | 2018-10-15 | |
http://www-1.ibm.com/support/docview.wss?uid=swg24019245 | 2018-10-15 | |
http://www.ubuntu.com/usn/USN-731-1 | 2018-10-15 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Apache | Http Server | 2.0.46 | - | Affected |
Apache | Http Server | 2.0.47 | - | Affected |
Apache | Http Server | 2.0.48 | - | Affected |
Apache | Http Server | 2.0.49 | - | Affected |
Apache | Http Server | 2.0.50 | - | Affected |
Apache | Http Server | 2.0.51 | - | Affected |
Apache | Http Server | 2.0.52 | - | Affected |
Apache | Http Server | 2.0.53 | - | Affected |
Apache | Http Server | 2.0.54 | - | Affected |
Apache | Http Server | 2.0.55 | - | Affected |
Apache | Http Server | 2.0.57 | - | Affected |
Apache | Http Server | 2.0.58 | - | Affected |
Apache | Http Server | 2.0.59 | - | Affected |
Apache | Http Server | 2.1.1 | - | Affected |
Apache | Http Server | 2.1.2 | - | Affected |
Apache | Http Server | 2.1.3 | - | Affected |
Apache | Http Server | 2.1.4 | - | Affected |
Apache | Http Server | 2.1.5 | - | Affected |
Apache | Http Server | 2.1.6 | - | Affected |
Apache | Http Server | 2.1.7 | - | Affected |
Apache | Http Server | 2.1.8 | - | Affected |
Apache | Http Server | 2.2.0 | - | Affected |
Apache | Http Server | 2.2.2 | - | Affected |
Apache | Http Server | 2.2.3 | - | Affected |
Apache | Http Server | 2.2.4 | - | Affected |