DEBIAN-CVE-2012-3499

Advisory lineage Upstream: 1 Downstream: 1

Upstream

CVE-2012-3499

Downstream

DSA-2637-1

Published: 26 Feb 2013, 16:55

Last modified:28 Apr 2026, 20:07

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

26 Feb 2013, 16:55

Published

Vulnerability first disclosed

28 Apr 2026, 20:07

Last Modified

Vulnerability information updated

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.

Affected Systems

debian•apache2
< 2.2.22-13 | < 2.2.22-13 | < 2.2.22-13 | < 2.2.22-13

References (1)

https://security-tracker.debian.org/tracker/CVE-2012-3499