What is CVE-2008-0455?

CVE-2008-0455 is a vulnerability in N/a. Published 2008-01-25.

Is CVE-2008-0455 known to be exploited?

17 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-0455

Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authen…

EPSS: 0.526 (98.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

20080122 Apache mod_negotiation Xss and Http Response Splitting (mailing-list, x_refsource_BUGTRAQ)
GLSA-200803-19 (vendor-advisory, x_refsource_GENTOO)
1019256 (vdb-entry, x_refsource_SECTRACK)
3575 (x_refsource_SREASON, third-party-advisory)
RHSA-2012:1594 (x_refsource_REDHAT, vendor-advisory)
51607 (x_refsource_SECUNIA, third-party-advisory)
www.mindedsecurity.com/MSA01150108.html (x_refsource_MISC)
RHSA-2012:1592 (x_refsource_REDHAT, vendor-advisory)
29348 (x_refsource_SECUNIA, third-party-advisory)
RHSA-2013:0130 (x_refsource_REDHAT, vendor-advisory)

Frequently asked questions

What is CVE-2008-0455?: CVE-2008-0455 is a vulnerability in N/a. Published 2008-01-25.
Is CVE-2008-0455 known to be exploited?: 17 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.