WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-6514)

Description

Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.

Remediation

References

Related Vulnerabilities

Oracle JRE CVE-2013-5809 Vulnerability (CVE-2013-5809)

WordPress Plugin CallRail Phone Call Tracking Cross-Site Request Forgery (0.4.9)

WordPress Plugin Audio Player Cross-Site Scripting (2.0.4.5)

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5104)

WordPress Plugin Jssor Slider Arbitrary File Upload (1.3)

Severity

Medium

Classification

CVE-2007-6514 CWE-200

Tags

Missing Update Known Vulnerabilities