Selection:
XSS CSRF Privilege Buffer Remote Stack
CVE ID Name Status References
CVE-2002-0840

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.

BID:5847 | URL:http://www.securityfocus.com/bid/5847 | BUGTRAQ:20021002 Apache 2 Cross-Site Scripting | URL:http://marc.info/?l=bugtraq&m=103357160425708&w=2 | BUGTRAQ:20021003 [OpenPKG-SA-2002.009] OpenPKG Security Advisory (apache) | URL:http://marc.info/?l=bugtraq&m=103376585508776&w=2 | BUGTRAQ:20021017 TSLSA-2002-0069-apache | URL:http://archives.neohapsis.com/archives/bugtraq/2002-10/0254.html | CERT-VN:VU#240329 | URL:http://www.kb.cert.org/vuls/id/240329 | CONECTIVA:CLA-2002:530 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000530 | CONFIRM:http://marc.info/?l=apache-httpd-announce&m=103367938230488&w=2 | CONFIRM:http://www.apacheweek.com/issues/02-10-04 | DEBIAN:DSA-187 | URL:http://www.debian.org/security/2002/dsa-187 | DEBIAN:DSA-188 | URL:http://www.debian.org/security/2002/dsa-188 | DEBIAN:DSA-195 | URL:http://www.debian.org/security/2002/dsa-195 | ENGARDE:ESA-20021007-024 | URL:http://www.linuxsecurity.com/advisories/other_advisory-2414.html | HP:HPSBUX0210-224 | URL:http://online.securityfocus.com/advisories/4617 | MANDRAKE:MDKSA-2002:068 | URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-068.php | MLIST:[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ | URL:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ | URL:https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ | URL:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ | URL:https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E | OSVDB:862 | URL:http://www.osvdb.org/862 | REDHAT:RHSA-2002:222 | URL:http://www.redhat.com/support/errata/RHSA-2002-222.html | REDHAT:RHSA-2002:243 | URL:http://www.redhat.com/support/errata/RHSA-2002-243.html | REDHAT:RHSA-2002:244 | URL:http://www.redhat.com/support/errata/RHSA-2002-244.html | REDHAT:RHSA-2002:248 | URL:http://www.redhat.com/support/errata/RHSA-2002-248.html | REDHAT:RHSA-2002:251 | URL:http://www.redhat.com/support/errata/RHSA-2002-251.html | REDHAT:RHSA-2003:106 | URL:http://www.redhat.com/support/errata/RHSA-2003-106.html | SGI:20021105-02-I | URL:ftp://patches.sgi.com/support/free/security/advisories/20021105-02-I | VULNWATCH:20021002 Apache 2 Cross-Site Scripting | URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0003.html | XF:apache-http-host-xss(10241) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/10241


Page created:

CVE year by year statistics.

CVE year statistics by common vulnerability domain.

Latest data from: 2024-12-05