← Back

CVE-2002-0840

nvd nist
Published: Oct 11, 2002Modified: Apr 16, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.

Affected (47)

Apache
1 product
Http Server
Oracle
4 products
Application Server
Database Server
Oracle8i
Oracle9i
Configuration A
47 vulnerable
Vulnerable SoftwareAffected Versions
Apache
Http Server
Version 1.3.11
Http Server
Version 1.3.12
Http Server
Version 1.3.14
Http Server
Version 1.3.17
Http Server
Version 1.3.18
Http Server
Version 1.3.19
Http Server
Version 1.3.1
Http Server
Version 1.3.20
Http Server
Version 1.3.22
Http Server
Version 1.3.23
Http Server
Version 1.3.24
Http Server
Version 1.3.25
Http Server
Version 1.3.26
Http Server
Version 1.3.3
Http Server
Version 1.3.4
Http Server
Version 1.3.6
Http Server
Version 1.3.9
Http Server
Version 1.3
Http Server
Version 2.0.28
Http Server
Version 2.0.32
Http Server
Version 2.0.35
Http Server
Version 2.0.36
Http Server
Version 2.0.37
Http Server
Version 2.0.38
Http Server
Version 2.0.39
Http Server
Version 2.0.40
Http Server
Version 2.0.41
Http Server
Version 2.0.42
Http Server
Version 2.0
Oracle
Application Server
Version 1.0.2.1s
Application Server
Version 1.0.2.2
Application Server
Version 1.0.2
Application Server
Version 9.0.2.1
Application Server
Version 9.0.2
Application Server
Version 9.0.2 r2
Oracle
Database Server
Version 8.1.7
Database Server
Version 9.2.1
Database Server
Version 9.2.2
Oracle
Oracle8i
Version 8.1.7.1
Oracle8i
Version 8.1.7
Oracle8i
Version 8.1.7_.0.0_enterprise
Oracle8i
Version 8.1.7_.1.0_enterprise
Oracle
Oracle9i
Version 9.0.1.2
Oracle9i
Version 9.0.1.3
Oracle9i
Version 9.0.1
Oracle9i
Version 9.0.2
Oracle9i
Version 9.0

References (74)

ftp://patches.sgi.com/support/free/security/advisories/20021105-02-I (unsafe URL)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
US Government Resource
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
ftp://patches.sgi.com/support/free/security/advisories/20021105-02-I (unsafe URL)
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.