CVE-2007-6203

NONE

Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allo

게시됨: 12/3/2007업데이트됨: 4/9/2025
NVD에서 보기MITRE에서 보기

설명

Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.

AI 분석AI 기반

영향받는 제품

apachehttp_server
2.0.46
apachehttp_server
2.0.47
apachehttp_server
2.0.48
apachehttp_server
2.0.49
apachehttp_server
2.0.50
apachehttp_server
2.0.51
apachehttp_server
2.0.52
apachehttp_server
2.0.53
apachehttp_server
2.0.54
apachehttp_server
2.0.55
apachehttp_server
2.0.57
apachehttp_server
2.0.58
apachehttp_server
2.0.59
apachehttp_server
2.1.1
apachehttp_server
2.1.2
apachehttp_server
2.1.3
apachehttp_server
2.1.4
apachehttp_server
2.1.5
apachehttp_server
2.1.6
apachehttp_server
2.1.7
apachehttp_server
2.1.8
apachehttp_server
2.2.0
apachehttp_server
2.2.2
apachehttp_server
2.2.3
apachehttp_server
2.2.4

사용 가능한 익스플로잇 (1)

참조