PublicDate: 2007-06-27 17:30:00 UTC
Candidate: CVE-2006-5752
References:
 https://ubuntu.com/security/notices/USN-499-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
Description:
 Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status
 module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a
 public server-status page is used, allows remote attackers to inject
 arbitrary web script or HTML via unspecified vectors involving charsets
 with browsers that perform "charset detection" when the content-type is not
 specified.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_apache2: released (2.0.55-4ubuntu2.2)
edgy_apache2: released (2.0.55-4ubuntu4.1)
feisty_apache2: released (2.2.3-3.2ubuntu0.1)
devel_apache2: released (2.2.4-3)
upstream_apache2: needs-triage