Severity : Medium Published : 2007-12-03 Modified : 2011-07-18 Base Score : 4.3 Details : Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918. Product/Version : Professional PRO 5.0   Mobilinux 5.0.24   MVL 5 Atom   CGE 5.x   Mobilinux 5.x   Pro 5.0.24   MVL 5 OMAP3   MVL 5 OMAP3530

CVE-2007-6716 CVE-2007-6694 CVE-2007-6422 CVE-2007-6421 CVE-2007-6420 CVE-2007-6417 CVE-2007-6388 CVE-2007-6203 CVE-2007-6200 CVE-2007-6199 CVE-2007-6151 CVE-2007-6067 CVE-2007-5966 CVE-2007-5794 CVE-2007-5269 CVE-2007-5116 CVE-2007-5093 CVE-2007-5000 CVE-2007-4826 CVE-2007-4772 CVE-2007-4769 CVE-2007-4657 CVE-2007-4573 CVE-2007-4567 CVE-2007-4091 CVE-2007-3998 CVE-2007-3806 CVE-2007-3799 CVE-2007-3374 CVE-2007-3108 CVE-2007-3107 CVE-2007-2953 CVE-2007-2876 CVE-2007-2451 CVE-2007-2438 CVE-2007-2242 CVE-2007-2165 CVE-2007-1863 CVE-2007-1718 CVE-2007-1536 CVE-2007-1286 CVE-2007-1218 CVE-2007-1217 CVE-2007-1001 CVE-2007-0988 CVE-2007-0910 CVE-2007-0248 CVE-2007-0247 CVE-2007-0062