[Japanese]

JVNDB-2007-000819

Cross-site scripting vulnerability in Apache HTTP Server "mod_imap" and "mod_imagemap"

Overview

mod_imap and mod_imagemap modules of the Apache HTTP Server are vulnerable to cross-site scripting.

The Apache HTTP Server is open source web server software. The Apache HTTP Server modules mod_imap and mod_imagemap provide server-side imagemap processing capability.
The Apache HTTP Server modules mod_imap and mod_imagemap are vulnerable to cross-site scripting.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


Apache Software Foundation
  • Apache HTTP Server 2.2.6 and earlier
  • Apache HTTP Server 2.0.61 and earlier
  • Apache HTTP Server 1.3.39 and earlier
IBM Corporation
  • IBM HTTP Server 6.0.2.27
  • IBM HTTP Server 6.1.0.15
  • IBM HTTP Server 2.0.47.1
  • IBM HTTP Server 1.3.28.1
Apple Inc.
  • Apple Mac OS X v10.4.11
  • Apple Mac OS X v10.5.2
  • Apple Mac OS X Server v10.4.11
  • Apple Mac OS X Server v10.5.2
Oracle Corporation
  • Oracle HTTP Server 10.1.3.5.0
Cybertrust Japan Co., Ltd.
  • Asianux Server 3 (x86)
  • Asianux Server 3 (x86-64)
  • Asianux Server 2.0
  • Asianux Server 2.1
  • Asianux Server 3.0
  • Asianux Server 3.0 (x86-64)
  • Asianux Server 4.0
  • Asianux Server 4.0 (x86-64)
Sun Microsystems, Inc.
  • Sun Solaris 10 (sparc)
  • Sun Solaris 10 (x86)
  • Sun Solaris 8 (sparc)
  • Sun Solaris 8 (x86)
  • Sun Solaris 9 (sparc)
  • Sun Solaris 9 (x86)
Turbolinux, Inc.
  • Turbolinux Appliance Server 1.0 (hosting)
  • Turbolinux Appliance Server 1.0 (workgroup)
  • Turbolinux Appliance Server 2.0
  • Turbolinux FUJI
  • Turbolinux Multimedia
  • Turbolinux Personal
  • Turbolinux Server 10
  • Turbolinux Server 10 (x64)
  • Turbolinux Server 11
  • Turbolinux Server 11 (x64)
  • Turbolinux Server 8
Hewlett-Packard Development Company,L.P
  • HP-UX 11.11
  • HP-UX 11.23
  • HP-UX 11.31
Red Hat, Inc.
  • Red Hat Application Stack v1 for Enterprise Linux AS (v.4)
  • Red Hat Application Stack v1 for Enterprise Linux ES (v.4)
  • Red Hat Enterprise Linux 5 (server)
  • Red Hat Enterprise Linux 2.1 (as)
  • Red Hat Enterprise Linux 3 (as)
  • Red Hat Enterprise Linux 4 (as)
  • Red Hat Enterprise Linux 2.1 (es)
  • Red Hat Enterprise Linux 3 (es)
  • Red Hat Enterprise Linux 4 (es)
  • Red Hat Enterprise Linux 2.1 (ws)
  • Red Hat Enterprise Linux 3 (ws)
  • Red Hat Enterprise Linux 4 (ws)
  • Red Hat Enterprise Linux Desktop 3.0
  • Red Hat Enterprise Linux Desktop 4.0
  • Red Hat Enterprise Linux Desktop 5.0 (client)
  • Red Hat Linux Advanced Workstation 2.1
  • RHEL Desktop Workstation 5 (client)
NEC Corporation
  • WanBooster
Hitachi, Ltd
  • Cosminexus Application Server Enterprise Version 6
  • Cosminexus Application Server Standard Version 6
  • Cosminexus Application Server Version 5
  • Cosminexus Developer Professional Version 6
  • Cosminexus Developer Standard Version 6
  • Cosminexus Developer Light Version 6
  • Cosminexus Developer Version 5
  • Cosminexus Server Standard Edition Version 4
  • Cosminexus Server Web Edition Version 4
  • Cosminexus Server Enterprise Edition
  • Cosminexus Server Standard Edition
  • Cosminexus Server Web Edition
  • Hitachi Web Server
  • uCosminexus Application Server Enterprise
  • uCosminexus Application Server Standard
  • uCosminexus Developer Professional
  • uCosminexus Developer Standard
  • uCosminexus Developer Light
  • uCosminexus Service Platform
  • uCosminexus Service Architect
FUJITSU
  • Interstage Application Framework Suite
  • Interstage Application Server
  • Interstage Apworks
  • Interstage Business Application Server
  • Interstage Job Workload Server
  • Interstage Studio
  • Interstage Web Server
  • Systemwalker Resource Coordinator

Impact

An arbitrary script can be executed on the user's web browser.
Solution

[Apply the Patch]
Apply the appropriate patches according to the information provided by the vendors.

[Workarounds]
Use client-side image mapping instead of server-side image mapping.
Vendor Information

Apache Software Foundation IBM Corporation Apple Inc. Oracle Corporation Cybertrust Japan Co., Ltd.
  • Asianux Technical Support Network : httpd-2.2.3-11.3.1AX (Japanese)
  • MIRACLE LINUX Update Information : 1205 (Japanese)
  • MIRACLE LINUX Update Information : 1224 (Japanese)
  • MIRACLE LINUX Update Information : 1221 (Japanese)
Sun Microsystems, Inc.
  • Sun Alert Notification : 233623
Turbolinux, Inc. Hewlett-Packard Development Company,L.P Red Hat, Inc. NEC Corporation
  • NEC Security Information : NV07-013 (Japanese)
Hitachi, Ltd
  • Hitachi Software Vulnerability Information : HS07-042
FUJITSU
CWE (What is CWE?)

  1. Cross-site Scripting(CWE-79) [NVD Evaluation]
CVE (What is CVE?)

  1. CVE-2007-5000
References

  1. JVN : JVN#80057925
  2. JVN Status Tracking Notes : TRTA08-079A
  3. JVN Status Tracking Notes : TRTA08-150A
  4. National Vulnerability Database (NVD) : CVE-2007-5000
  5. Secunia Advisory : SA28046
  6. Secunia Advisory : SA28073
  7. FrSIRT Advisories : FrSIRT/ADV-2007-4201
  8. FrSIRT Advisories : FrSIRT/ADV-2007-4202
Revision History

  • [2008/05/21]
      Web page published
    [2008/06/09]
      Affected Products : Added Apple Inc (Security Update 2008-002).
      Affected Products : Sun Microsystems, Inc (233623).  
      Affected Products : Added IBM Corporation (4019245).
      Vendor Information : Added Apple Inc (Security Update 2008-002).
      Vendor Information : Added Sun Microsystems, Inc (233623).
      Vendor Information : Added IBM Corporation.
        7005198
        7007033
        4019245
        PK65782
    [2008/06/18]
      Vendor Information : Added Apple Inc (Security Update 2008-002).
    [2009/08/10]
      Affected Products : Updated NEC Corporation (NV07-013).
    [2013/07/18]
      Affected Products : Product of Oracle was added.
      Vendor Information : Contents of Oracle were added.