Hide Forgot
http://svn.apache.org/viewvc?view=rev&revision=603282 Fix CVE-2007-5000: * modules/mappers/mod_imagemap.c (menu_header): Fix cross-site-scripting issue by escaping the URI, and ensure that a charset parameter is sent in the content-type to prevent autodetection by broken browsers. Reported by: JPCERT
A flaw was found in the Apache httpd mod_imagemap module. On sites where mod_imagemap was enabled and an imagemap file was publicly available, a cross-site scripting attack was possible. (CVE-2007-5000)
httpd-2.2.8-1.fc8 has been submitted as an update for Fedora 8
httpd-2.2.8-1.fc7 has been submitted as an update for Fedora 7
httpd-2.2.8-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
httpd-2.2.8-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Red Hat Certificate System 7.3 Via RHSA-2010:0602 https://rhn.redhat.com/errata/RHSA-2010-0602.html