PublicDateAtUSN: 2007-12-13
PublicDate: 2007-12-13 18:46:00 UTC
Candidate: CVE-2007-5000
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
 https://ubuntu.com/security/notices/USN-575-1
Description:
 Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the
 Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the
 (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6
 allows remote attackers to inject arbitrary web script or HTML via
 unspecified vectors.
Ubuntu-Description:
Notes:
 jdstrand> redhat has patch for all releases now
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 
upstream_apache2: needs-triage
dapper_apache2: released (2.0.55-4ubuntu2.3)
edgy_apache2: released (2.0.55-4ubuntu4.2)
feisty_apache2: released (2.2.3-3.2ubuntu2.1)
gutsy_apache2: released (2.2.4-3ubuntu0.1)
hardy_apache2: not-affected (2.2.8-1)
intrepid_apache2: not-affected (2.2.8-1)
jaunty_apache2: not-affected (2.2.8-1)
karmic_apache2: not-affected (2.2.8-1)
devel_apache2: not-affected (2.2.8-1)

upstream_apache: needs-triage
dapper_apache: ignored (reached end-of-life)
edgy_apache: needs-triage (reached end-of-life)
feisty_apache: needs-triage (reached end-of-life)
gutsy_apache: DNE
hardy_apache: DNE
intrepid_apache: DNE
jaunty_apache: DNE
karmic_apache: DNE
devel_apache: DNE