]> git.ipfire.org Git - thirdparty/apache/httpd.git/commit
projects / thirdparty / apache / httpd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a3fcf44) | patch
Fix CVE-2007-5000:
authorJoe Orton <jorton@apache.org>
Wed, 12 Dec 2007 12:36:54 +0000 (12:36 +0000)
committerJoe Orton <jorton@apache.org>
Wed, 12 Dec 2007 12:36:54 +0000 (12:36 +0000)
commit8e6437a2d3a2e4ce38382ff295653f0fdb9dd939
tree954b39bc78f8d9cb1ad2eb1f12134f5efcd42f63tree | snapshot
parenta3fcf446881225c3eb11ffc624fa55058abafde2commit | diff
Fix CVE-2007-5000:

* src/modules/standard/mod_imap.c (menu_header): Fix cross-site
  scripting issue by escaping the URI, and ensure that a charset
  parameter is sent in the content-type to prevent autodetection by
  broken browsers.

Reported by: JPCERT

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@603597 13f79535-47bb-0310-9956-ffa450edef68
src/CHANGES diff | blob | blame | history
src/modules/standard/mod_imap.c diff | blob | blame | history
Mirror of https://github.com/apache/httpd.git