What is CVE-2008-2939?

CVE-2008-2939 is a vulnerability in N/a. Published 2008-08-06.

Is CVE-2008-2939 known to be exploited?

24 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-2939

Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject a…

EPSS: 0.646 (98.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

svn.apache.org/viewvc (x_refsource_CONFIRM)
34219 (x_refsource_SECUNIA, third-party-advisory)
HPSBUX02465 (x_refsource_HP, vendor-advisory)
support.apple.com/kb/HT3549 (x_refsource_CONFIRM)
SUSE-SR:2008:024 (vendor-advisory, x_refsource_SUSE)
247666 (vendor-advisory, x_refsource_SUNALERT)
32838 (x_refsource_SECUNIA, third-party-advisory)
20081122 rPSA-2008-0328-1 httpd mod_ssl (mailing-list, x_refsource_BUGTRAQ)
www.rapid7.com/advisories/R7-0033 (x_refsource_MISC)
35074 (x_refsource_SECUNIA, third-party-advisory)

Frequently asked questions

What is CVE-2008-2939?: CVE-2008-2939 is a vulnerability in N/a. Published 2008-08-06.
Is CVE-2008-2939 known to be exploited?: 24 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.