Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2006-3918 — Cross-site Scripting in Apache HTTP Server
Severity: 4.3 MEDIUM (NVD)
EPSS: 91.4% (top 0.34%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Affected products
Timeline
Published: Jul 28
Latest update: May 3
Description
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.
CVSS vector: AV:N/AC:M/C:N/I:P/A:N
Exploitability: 8.6 | Impact: 2.9
Affected Packages: 3 packages
Also affects: Debian Linux 3.1, Ubuntu Linux 6.06, 6.10, 7.04, 7.10
Patches
Bugzilla
CVE-2007-6203 httpd: Garbage before HTTP method name is not escaped in a reply in case of erroneous request (2007-12-04)