Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2012-4558

Published: 26 February 2013

Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.

Notes

AuthorNote
mdeslaur
same commit as CVE-2012-3499

Priority

Medium

Status

Package Release Status
apache2
Launchpad, Ubuntu, Debian
upstream
Released (2.2.22-13)
hardy
Released (2.2.8-1ubuntu0.25)
lucid
Released (2.2.14-5ubuntu8.11)
oneiric
Released (2.2.20-1ubuntu1.4)
precise
Released (2.2.22-1ubuntu1.3)
quantal
Released (2.2.22-6ubuntu2.2)
Patches:
upstream: http://svn.apache.org/viewvc?view=revision&revision=1447390
vendor: http://www.debian.org/security/2013/dsa-2637