CVE-2009-1903
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2009-1903
Status
Candidate
Description
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
Severity
Medium
CVSS score
4,3
CVSS vector
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Phase
Assigned (15.07.2009)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1903
References
BID :
34096
CONFIRM :
http://sourceforge.net/project/shownotes.php?relea...
FEDORA :
FEDORA-2009-2654
FEDORA :
FEDORA-2009-2686
OSVDB :
52552
SECUNIA :
34256
SECUNIA :
34311
VUPEN :
ADV-2009-0703
XF :
modsecurity-pdfxss-dos(49211)
SecurityVulns:
ModSecurity multiple security vulnerabilities
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
