Lucene search
RedHatRHSA-2007:1095HistoryDec 03, 2007 - 12:00 a.m.
(RHSA-2007:1095) Moderate: htdig security update
2007-12-0300:00:00
access.redhat.com
6
0.008 Low
EPSS
Percentile
81.1%
The ht://Dig system is a complete World Wide Web indexing and searching
system for a small domain or intranet.
A cross-site scripting flaw was discovered in a htdig search page. An
attacker could construct a carefully crafted URL, which once visited by an
unsuspecting user, could cause a user’s Web browser to execute malicious
script in the context of the visited htdig search Web page. (CVE-2007-6110)
Users of htdig are advised to upgrade to these updated packages, which
contain backported patch to resolve this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 4 | ppc | htdig | < 3.2.0b6-4.el4_6 | htdig-3.2.0b6-4.el4_6.ppc.rpm |
| RedHat | 4 | ppc | htdig-web | < 3.2.0b6-4.el4_6 | htdig-web-3.2.0b6-4.el4_6.ppc.rpm |
| RedHat | 4 | ia64 | htdig-web | < 3.2.0b6-4.el4_6 | htdig-web-3.2.0b6-4.el4_6.ia64.rpm |
| RedHat | 5 | ppc | htdig | < 3.2.0b6-9.0.1.el5_1 | htdig-3.2.0b6-9.0.1.el5_1.ppc.rpm |
| RedHat | 4 | x86_64 | htdig-web | < 3.2.0b6-4.el4_6 | htdig-web-3.2.0b6-4.el4_6.x86_64.rpm |
| RedHat | 5 | i386 | htdig-web | < 3.2.0b6-9.0.1.el5_1 | htdig-web-3.2.0b6-9.0.1.el5_1.i386.rpm |
| RedHat | 4 | x86_64 | htdig | < 3.2.0b6-4.el4_6 | htdig-3.2.0b6-4.el4_6.x86_64.rpm |
| RedHat | 4 | i386 | htdig-web | < 3.2.0b6-4.el4_6 | htdig-web-3.2.0b6-4.el4_6.i386.rpm |
| RedHat | 4 | src | htdig | < 3.2.0b6-4.el4_6 | htdig-3.2.0b6-4.el4_6.src.rpm |
| RedHat | 5 | s390x | htdig-web | < 3.2.0b6-9.0.1.el5_1 | htdig-web-3.2.0b6-9.0.1.el5_1.s390x.rpm |
Related
openvas
openvas
Fedora Update for htdig FEDORA-2007-3907
2009-02-27 00:00:00
Debian: Security Advisory (DSA-1429-1)
2008-01-17 00:00:00
Oracle: Security Advisory (ELSA-2007-1095)
2015-10-08 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-10 00:19:19
nessus
nessus
ht://dig htsearch sort Parameter XSS
2007-11-28 00:00:00
Fedora 7 : htdig-3.2.0b6-12.fc7 (2007-3907)
2007-11-29 00:00:00
Oracle Linux 4 / 5 : htdig (ELSA-2007-1095)
2013-07-12 00:00:00
ubuntucve
ubuntucve
CVE-2007-6110
2007-11-23 00:00:00
nvd
nvd
CVE-2007-6110
2007-11-23 20:46:00
oraclelinux
oraclelinux
Moderate: htdig security update
2007-12-04 00:00:00
debian
debian
[SECURITY] [DSA 1429-1] New htdig packages fix cross site scripting
2007-12-11 22:11:41
fedora
fedora
[SECURITY] Fedora 8 Update: htdig-3.2.0b6-13.fc8
2007-11-29 01:46:18
[SECURITY] Fedora Core 6 Update: htdig-3.2.0b6-9.fc6
2007-12-03 15:47:07
[SECURITY] Fedora 7 Update: htdig-3.2.0b6-12.fc7
2007-11-29 01:39:58
cvelist
cvelist
CVE-2007-6110
2007-11-23 20:00:00
cve
cve
CVE-2007-6110
2007-11-23 20:46:00
securityvulns
securityvulns
osv
osv
htdig - cross site scripting
2007-12-11 00:00:00
prion
prion
Cross site scripting
2007-11-23 20:46:00
debiancve
debiancve
CVE-2007-6110
2007-11-23 20:46:00
centos
centos
htdig security update
2007-12-03 16:39:25