Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability

Apache HTTP Server is prone to an information-disclosure vulnerability. The issue occurs in the default error response for status code 400.

Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks.

The vulnerability affects Apache HTTP Server versions 2.2.0 through 2.2.21.


Privacy Statement
Copyright 2010, SecurityFocus