Red Hat Customer Portal

Skip to main content

CVE-2006-5752

Impact:
Moderate
Public Date:
2007-06-20
CWE:
CWE-79
Bugzilla:
245112: CVE-2006-5752 httpd mod_status XSS

The MITRE CVE dictionary describes this issue as:

Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.

Find out more about CVE-2006-5752 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS) RHSA-2008:0523 2008-06-30
Red Hat Certificate System 7.3 for 4AS RHSA-2010:0602 2010-08-04
Red Hat Enterprise Linux 3 (httpd) RHSA-2007:0533 2007-06-27
Red Hat Enterprise Linux 2.1 (apache) RHSA-2007:0532 2007-06-26
Red Hat Satellite 5.0 (RHEL v.4 AS) RHSA-2008:0261 2008-05-20
Red Hat Enterprise Linux 4 (httpd) RHSA-2007:0534 2007-06-26
Red Hat Satellite Proxy v 5.0 (RHEL v.4 AS) RHSA-2008:0263 2008-05-20
Red Hat Satellite v 4.2 (RHEL v.4 AS) RHSA-2008:0524 2008-06-30
Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS) RHSA-2008:0523 2008-06-30
Red Hat Enterprise Linux 5 (httpd) RHSA-2007:0556 2007-06-26
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) (httpd) RHSA-2007:0557 2007-07-13
Red Hat Satellite v 4.2 (RHEL v.3 AS) RHSA-2008:0524 2008-06-30

Last Modified