NVD

Id
5  
Name
CVE-2008-0005  
Description
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2008-01-11  
Modified Date
2011-09-06  
Seq
2008-0005  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
57 5 CVE-2008-0005 http://docs.info.apple.com/article.html?artnum=307562  View
58 5 CVE-2008-0005 APPLE-SA-2008-03-18  View
59 5 CVE-2008-0005 SUSE-SA:2008:021  View
60 5 CVE-2008-0005 [security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server  View
61 5 CVE-2008-0005 SSRT090085  View
62 5 CVE-2008-0005 SSRT090192  View
63 5 CVE-2008-0005 HPSBOV02683  View
64 5 CVE-2008-0005 oval:org.mitre.oval:def:10812  View
65 5 CVE-2008-0005 GLSA-200803-19  View
66 5 CVE-2008-0005 20080110 Apache (mod_proxy_ftp) Undefined Charset UTF-7 XSS Vulnerability  View
67 5 CVE-2008-0005 3526  View
68 5 CVE-2008-0005 http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm  View
69 5 CVE-2008-0005 MDVSA-2008:014  View
70 5 CVE-2008-0005 MDVSA-2008:015  View
71 5 CVE-2008-0005 MDVSA-2008:016  View
72 5 CVE-2008-0005 RHSA-2008:0004  View
73 5 CVE-2008-0005 RHSA-2008:0005  View
74 5 CVE-2008-0005 RHSA-2008:0006  View
75 5 CVE-2008-0005 RHSA-2008:0007  View
76 5 CVE-2008-0005 RHSA-2008:0008  View
77 5 CVE-2008-0005 RHSA-2008:0009  View
78 5 CVE-2008-0005 20080110 SecurityReason - Apache (mod_proxy_ftp) Undefined Charset UTF-7 XSS Vulnerability  View
79 5 CVE-2008-0005 20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server  View
80 5 CVE-2008-0005 27234  View
81 5 CVE-2008-0005 1019185  View
82 5 CVE-2008-0005 USN-575-1  View
83 5 CVE-2008-0005 ADV-2008-0924  View
84 5 CVE-2008-0005 ADV-2008-1875  View
85 5 CVE-2008-0005 apache-modproxyftp-utf7-xss(39615)  View
86 5 CVE-2008-0005 FEDORA-2008-1711  View
87 5 CVE-2008-0005 FEDORA-2008-1695  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
45720 JVNDB-2008-001030 Apache の mod_proxy_ftp における UTF-7 エンコードに関するクロスサイトスクリプティングの脆弱性 Apache の mod_proxy_ftp には、charset が定義されていないため、UTF-7 エンコードを用いたクロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-0005 30118 CVE-2008-0005 5 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001030.html 2008-01-11 2010-04-28 View