Apache Mod_AutoIndex.C Undefined Charset Cross-Site Scripting Vulnerability

Apache Mod_AutoIndex.C Undefined Charset Cross-Site Scripting Vulnerability

References:

Apache Homepage (Apache Software Foundation)
Changes with Apache 2.2.6 (Apache)
Apache2 Undefined Charset UTF-7 XSS Vulnerability (Maksymilian Arciemowicz)
ASA-2008-026 httpd security update (RHSA-2008-0005) (Avaya)
ASA-2008-031 Apache security update (RHSA-2008-0004) (Avaya Inc.)
ASA-2008-032 httpd security update (RHSA-2008-0006) (Avaya)
HPSBUX02365 SSRT080118 rev.1 - HP-UX Running Apache, Remote Cross Site Scripting (HP)
Interstage HTTP Server: Cross-site Scripting Problem (CVE-2007-4465/ CVE-2007-62 (Fujitsu)
RHSA-2007:0911-6 httpd security update (Red Hat)
RHSA-2008:0004-7 - apache security update (Red Hat)
RHSA-2008:0005-4 - httpd security update (Red Hat)
RHSA-2008:0006-6 - httpd security update (Red Hat)
RHSA-2008:0008-6 httpd security update (Red Hat)
RHSA-2008:0261-4 Moderate: Red Hat Network Satellite Server security update (Red Hat)

Privacy Statement
Copyright 2010, SecurityFocus