CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:debian:apache2:*:squeeze6:*:*:*:*:*:*
cpe:2.3:a:debian:apache2:*:wheezy:*:*:*:*:*:*
cpe:2.3:a:debian:apache2:*:sid:*:*:*:*:*:*

History

No history.

Information

Published : 2012-04-22 18:55

Updated : 2023-12-10 11:16


NVD link : CVE-2012-0216

Mitre link : CVE-2012-0216

CVE.ORG link : CVE-2012-0216


JSON object : View

Products Affected

debian

  • apache2