CVE-2012-4558 in Ubuntu

CVE-2012-4558 (retired)

Priority

Description

Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler
function in the manager interface in mod_proxy_balancer.c in the
mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev
and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web
script or HTML via a crafted string.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c?r1=1404653&r2=1413732&diff_format=h
http://httpd.apache.org/security/vulnerabilities_22.html
https://usn.ubuntu.com/usn/usn-1765-1

Notes

mdeslaur> same commit as CVE-2012-3499

Assigned-to

mdeslaur

Package

Source: apache2 (LP Ubuntu Debian)

Upstream:

released (2.2.22-13)

Patches:

Upstream:	http://svn.apache.org/viewvc?view=revision&revision=1447390
Vendor:	http://www.debian.org/security/2013/dsa-2637

More Information

Updated: 2019-03-26 12:04:12 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)