CVE-2013-1048

Related Files

Ubuntu Security Notice USN-1765-1

Posted Mar 19, 2013

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1765-1 - Niels Heinen discovered that multiple modules incorrectly sanitized certain strings, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. It was discovered that the mod_proxy_ajp module incorrectly handled error states. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. This issue only applied to Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 11.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability, xss

systems | linux, ubuntu

advisories | CVE-2012-4557, CVE-2013-1048, CVE-2012-3499, CVE-2012-4557, CVE-2012-4558, CVE-2013-1048

SHA-256 | 9767c3ba93f72fe50577dcb192dc592f8756c27311ba9608eac93daa121f26e9

Download | Favorite | View

Debian Security Advisory 2637-1

Posted Mar 5, 2013

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2637-1 - Several vulnerabilities have been found in the Apache HTTPD server.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2012-3499, CVE-2012-4558, CVE-2013-1048

SHA-256 | df4a25fbca27c25ef035e661c510b7163133d490ce4c001639ad8fc981090c93

Download | Favorite | View