Search for vulnerabilities
| Vulnerability ID | VCID-mrkz-heza-g7bu |
| Aliases |
CVE-2008-0455
|
| Summary | httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled |
| Status | Published |
| Exploitability | 2.0 |
| Weighted Severity | 0.3 |
| Risk | 0.6 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| epss | 0.31557 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.31557 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.31557 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.35253 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.35253 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.35253 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.35253 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.35253 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.35253 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.35253 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.35253 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.35253 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.35253 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| epss | 0.35253 | https://api.first.org/data/v1/epss?cve=CVE-2008-0455 |
| Reference id | Reference type | URL |
|---|---|---|
| https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0455.json | ||
| https://api.first.org/data/v1/epss?cve=CVE-2008-0455 | ||
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0455 | ||
| 850794 | https://bugzilla.redhat.com/show_bug.cgi?id=850794 | |
| CVE-2008-0455;OSVDB-41019 | Exploit | https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31052.java |
| CVE-2008-0455;OSVDB-41019 | Exploit | https://www.securityfocus.com/bid/27409/info |
| RHSA-2012:1591 | https://access.redhat.com/errata/RHSA-2012:1591 | |
| RHSA-2012:1592 | https://access.redhat.com/errata/RHSA-2012:1592 | |
| RHSA-2012:1594 | https://access.redhat.com/errata/RHSA-2012:1594 | |
| RHSA-2013:0130 | https://access.redhat.com/errata/RHSA-2013:0130 | |
| RHSA-2013:0512 | https://access.redhat.com/errata/RHSA-2013:0512 |
| Data source | Exploit-DB |
|---|---|
| Date added | Jan. 22, 2008 |
| Description | Apache 2.2.6 mod_negotiation - HTML Injection / HTTP Response Splitting |
| Ransomware campaign use | Known |
| Source publication date | Jan. 22, 2008 |
| Exploit type | remote |
| Platform | linux |
| Source update date | Jan. 31, 2017 |
| Source URL | https://www.securityfocus.com/bid/27409/info |
| Percentile | 0.96638 |
| EPSS Score | 0.31557 |
| Published At | Aug. 1, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-31T11:22:40.358713+00:00 | RedHat Importer | Import | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0455.json | 37.0.0 |