What is CVE-2007-6203?

CVE-2007-6203 is a vulnerability in N/a. Published 2007-12-03.

Is CVE-2007-6203 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-6203

Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style atta…

EPSS: 0.735 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

PK57952 (vendor-advisory, x_refsource_AIXAPAR)
GLSA-200803-19 (vendor-advisory, x_refsource_GENTOO)
26663 (vdb-entry, x_refsource_BID)
oval:org.mitre.oval:def:12166 (x_refsource_OVAL, signature, vdb-entry)
34219 (x_refsource_SECUNIA, third-party-advisory)
HPSBUX02465 (x_refsource_HP, vendor-advisory)
27906 (x_refsource_SECUNIA, third-party-advisory)
ADV-2008-1623 (vdb-entry, x_refsource_VUPEN)
ADV-2008-0924 (vdb-entry, x_refsource_VUPEN)
3411 (x_refsource_SREASON, third-party-advisory)

Frequently asked questions

What is CVE-2007-6203?: CVE-2007-6203 is a vulnerability in N/a. Published 2007-12-03.
Is CVE-2007-6203 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.