>> IBM HTTP Server "Expect" Header Handling Client-Side Cross Site Scripting Vulnerability
Title : IBM HTTP Server "Expect" Header Handling Client-Side Cross Site Scripting Vulnerability VUPEN ID : VUPEN/ADV-2006-2964 CVE ID : CVE-2006-3918
Rated as : Low Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2006-07-25
Technical Description
A vulnerability has been identified in IBM HTTP Server, which could be exploited by attackers to execute arbitrary scripting code. For additional information, see : VUPEN/ADV-2006-2963
IBM HTTP Server version 6.1 - Upgrade to version 6.1.0.1
IBM HTTP Server version 6.0 - Upgrade to version 6.0.2.13
IBM HTTP Server version 2.0 - Apply APAR PK25355 References
