CVE-2002-0840
Description
Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is Off and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.
Risk Information
Base Score
7.1
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS Score
Exploitation Probability
91.102
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update to Sun RaQ4-All-Security-2.0.1-16343 | Windows |
| Update to Sun RaQ550-All-Security-0.0.1-16343 | Windows |
| Update to Sun RaQXTR-All-Security-1.0.1-16343 | Windows |
| Update to Sun Qube3-All-Security-4.0.1-16343 | Windows |
| Update to HP PHSS_28111 s700_800 11.04 Virtualvault 4.5 IWS Update | Windows |
| Update to HP PHSS_28098 s700_800 11.04 Virtualvault 4.5 OWS update | Windows |
| Update to HP PHSS_28090 s700_800 11.04 Virtualvault 4.6 IWS update | Windows |
| Update to HP PHSS_28099 s700_800 11.04 Virtualvault 4.6 OWS update | Windows |
| Update to HP PHSS_28704 | Windows |
| Update to HP PSOV_03251 | Windows |
| Update to HP PHSS_28705 | Windows |
| Update Apache to version 2.0.43 | Windows |
| Update Apache to version 1.3.24 | Windows |
| Vulnerabilities CVE-2002-0839,CVE-2002-0840,CVE-2002-0843 are fixed in Apache 1.3.2 | Windows |
| Vulnerabilities CVE-2002-0840 are fixed in Apache 2.0.43 | Windows |
| Update Apache to version 2.0.43 (For Linux) | Linux |
| Update Apache to version 1.3.24 (For Linux) | Linux |
| Update to Sun RaQ4-All-Security-2.0.1-16343 (For Linux) | Linux |
| Update to Sun RaQ550-All-Security-0.0.1-16343 (For Linux) | Linux |
| Update to Sun RaQXTR-All-Security-1.0.1-16343 (For Linux) | Linux |
| Update to Sun Qube3-All-Security-4.0.1-16343 (For Linux) | Linux |
| Update to HP PHSS_28111 s700_800 11.04 Virtualvault 4.5 IWS Update (For Linux) | Linux |
| Update to HP PHSS_28098 s700_800 11.04 Virtualvault 4.5 OWS update (For Linux) | Linux |
| Update to HP PHSS_28090 s700_800 11.04 Virtualvault 4.6 IWS update (For Linux) | Linux |
| Update to HP PHSS_28099 s700_800 11.04 Virtualvault 4.6 OWS update (For Linux) | Linux |
| Update to HP PHSS_28704 (For Linux) | Linux |
| Update to HP PSOV_03251 (For Linux) | Linux |
| Update to HP PHSS_28705 (For Linux) | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234