Lucene search
MitreCVE-2009-2823HistoryNov 10, 2009 - 7:30 p.m.
CVE-2009-2823
2009-11-1019:30:01
CWE-79
mitre
web.nvd.nist.gov
45
apple
mac os x
apache
server
cve-2009-2823
xss
http trace
cross-site scripting
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.003
Percentile
65.3%
The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
Affected configurations
Node
applemac_os_xRangeโค10.6.1
ORapplemac_os_xMatch10.0
ORapplemac_os_xMatch10.0.0
ORapplemac_os_xMatch10.0.1
ORapplemac_os_xMatch10.0.2
ORapplemac_os_xMatch10.0.3
ORapplemac_os_xMatch10.0.4
ORapplemac_os_xMatch10.1
ORapplemac_os_xMatch10.1.0
ORapplemac_os_xMatch10.1.1
ORapplemac_os_xMatch10.1.2
ORapplemac_os_xMatch10.1.3
ORapplemac_os_xMatch10.1.4
ORapplemac_os_xMatch10.1.5
ORapplemac_os_xMatch10.2
ORapplemac_os_xMatch10.2.0
ORapplemac_os_xMatch10.2.1
ORapplemac_os_xMatch10.2.2
ORapplemac_os_xMatch10.2.3
ORapplemac_os_xMatch10.2.4
ORapplemac_os_xMatch10.2.5
ORapplemac_os_xMatch10.2.6
ORapplemac_os_xMatch10.2.7
ORapplemac_os_xMatch10.2.8
ORapplemac_os_xMatch10.3
ORapplemac_os_xMatch10.3.0
ORapplemac_os_xMatch10.3.1
ORapplemac_os_xMatch10.3.2
ORapplemac_os_xMatch10.3.3
ORapplemac_os_xMatch10.3.4
ORapplemac_os_xMatch10.3.5
ORapplemac_os_xMatch10.3.6
ORapplemac_os_xMatch10.3.7
ORapplemac_os_xMatch10.3.8
ORapplemac_os_xMatch10.3.9
ORapplemac_os_xMatch10.4
ORapplemac_os_xMatch10.4.0
ORapplemac_os_xMatch10.4.1
ORapplemac_os_xMatch10.4.2
ORapplemac_os_xMatch10.4.3
ORapplemac_os_xMatch10.4.4
ORapplemac_os_xMatch10.4.5
ORapplemac_os_xMatch10.4.6
ORapplemac_os_xMatch10.4.7
ORapplemac_os_xMatch10.4.8
ORapplemac_os_xMatch10.4.9
ORapplemac_os_xMatch10.4.10
ORapplemac_os_xMatch10.4.11
ORapplemac_os_xMatch10.5
ORapplemac_os_xMatch10.5.0
ORapplemac_os_xMatch10.5.1
ORapplemac_os_xMatch10.5.2
ORapplemac_os_xMatch10.5.3
ORapplemac_os_xMatch10.5.4
ORapplemac_os_xMatch10.5.5
ORapplemac_os_xMatch10.5.6
ORapplemac_os_xMatch10.5.7
ORapplemac_os_xMatch10.5.8
ORapplemac_os_xMatch10.6
Node
applemac_os_x_serverRangeโค10.6.1
ORapplemac_os_x_serverMatch10.0
ORapplemac_os_x_serverMatch10.0.0
ORapplemac_os_x_serverMatch10.0.1
ORapplemac_os_x_serverMatch10.0.2
ORapplemac_os_x_serverMatch10.0.3
ORapplemac_os_x_serverMatch10.0.4
ORapplemac_os_x_serverMatch10.1
ORapplemac_os_x_serverMatch10.1.0
ORapplemac_os_x_serverMatch10.1.1
ORapplemac_os_x_serverMatch10.1.2
ORapplemac_os_x_serverMatch10.1.3
ORapplemac_os_x_serverMatch10.1.4
ORapplemac_os_x_serverMatch10.1.5
ORapplemac_os_x_serverMatch10.2
ORapplemac_os_x_serverMatch10.2.0
ORapplemac_os_x_serverMatch10.2.1
ORapplemac_os_x_serverMatch10.2.2
ORapplemac_os_x_serverMatch10.2.3
ORapplemac_os_x_serverMatch10.2.4
ORapplemac_os_x_serverMatch10.2.5
ORapplemac_os_x_serverMatch10.2.6
ORapplemac_os_x_serverMatch10.2.7
ORapplemac_os_x_serverMatch10.2.8
ORapplemac_os_x_serverMatch10.3
ORapplemac_os_x_serverMatch10.3.0
ORapplemac_os_x_serverMatch10.3.1
ORapplemac_os_x_serverMatch10.3.2
ORapplemac_os_x_serverMatch10.3.3
ORapplemac_os_x_serverMatch10.3.4
ORapplemac_os_x_serverMatch10.3.5
ORapplemac_os_x_serverMatch10.3.6
ORapplemac_os_x_serverMatch10.3.7
ORapplemac_os_x_serverMatch10.3.8
ORapplemac_os_x_serverMatch10.3.9
ORapplemac_os_x_serverMatch10.4
ORapplemac_os_x_serverMatch10.4.0
ORapplemac_os_x_serverMatch10.4.1
ORapplemac_os_x_serverMatch10.4.2
ORapplemac_os_x_serverMatch10.4.3
ORapplemac_os_x_serverMatch10.4.4
ORapplemac_os_x_serverMatch10.4.5
ORapplemac_os_x_serverMatch10.4.6
ORapplemac_os_x_serverMatch10.4.7
ORapplemac_os_x_serverMatch10.4.8
ORapplemac_os_x_serverMatch10.4.9
ORapplemac_os_x_serverMatch10.4.10
ORapplemac_os_x_serverMatch10.4.11
ORapplemac_os_x_serverMatch10.5
ORapplemac_os_x_serverMatch10.5.0
ORapplemac_os_x_serverMatch10.5.1
ORapplemac_os_x_serverMatch10.5.2
ORapplemac_os_x_serverMatch10.5.3
ORapplemac_os_x_serverMatch10.5.4
ORapplemac_os_x_serverMatch10.5.5
ORapplemac_os_x_serverMatch10.5.6
ORapplemac_os_x_serverMatch10.5.7
ORapplemac_os_x_serverMatch10.5.8
ORapplemac_os_x_serverMatch10.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | mac_os_x | * | cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* |
| apple | mac_os_x | 10.0 | cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:* |
| apple | mac_os_x | 10.0.0 | cpe:2.3:o:apple:mac_os_x:10.0.0:*:*:*:*:*:*:* |
| apple | mac_os_x | 10.0.1 | cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:* |
| apple | mac_os_x | 10.0.2 | cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:* |
| apple | mac_os_x | 10.0.3 | cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:* |
| apple | mac_os_x | 10.0.4 | cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:* |
| apple | mac_os_x | 10.1 | cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:* |
| apple | mac_os_x | 10.1.0 | cpe:2.3:o:apple:mac_os_x:10.1.0:*:*:*:*:*:*:* |
| apple | mac_os_x | 10.1.1 | cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2009-11-10 19:30:00
openvas
openvas
Mandriva Update for apache-conf MDVSA-2009:300-1 (apache-conf)
2010-01-15 00:00:00
Mandriva Update for apache-conf MDVSA-2009:300-2 (apache-conf)
2010-01-15 00:00:00
Mandriva Update for apache-conf MDVSA-2009:300-2 (apache-conf)
2010-01-15 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : apache-conf (MDVSA-2009:300-2)
2009-11-16 00:00:00
Mac OS X 10.6.x < 10.6.2 Multiple Vulnerabilities
2009-11-09 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2009-006)
2009-11-09 00:00:00
cvelist
cvelist
CVE-2009-2823
2009-11-10 19:00:00
nvd
nvd
CVE-2009-2823
2009-11-10 19:30:01
pentestpartners
pentestpartners
Vulnerabilities that arenโt. Cross Site Tracing / XST
2022-01-25 06:08:46
seebug
seebug
Apple Mac OS X 2009-006ๆดๆฐไฟฎๅคๅคไธชๅฎๅ
จๆผๆด
2009-11-10 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.003
Percentile
65.3%
Related for CVE-2009-2823