| { |
| "data_type": "CVE", |
| "data_format": "MITRE", |
| "data_version": "4.0", |
| "generator": { |
| "engine": "xmltojsonmjc 1.0" |
| }, |
| "references": {}, |
| "timeline": [ |
| { |
| "time": "2005-06-11", |
| "lang": "eng", |
| "value": "public" |
| }, |
| { |
| "time": "2005-10-14", |
| "lang": "eng", |
| "value": "2.0.55 released" |
| } |
| ], |
| "CNA_private": { |
| "owner": "httpd" |
| }, |
| "CVE_data_meta": { |
| "ASSIGNER": "security@apache.org", |
| "AKA": "", |
| "STATE": "PUBLIC", |
| "DATE_PUBLIC": "2005-06-11", |
| "ID": "CVE-2005-2088", |
| "TITLE": "HTTP Request Spoofing" |
| }, |
| "source": { |
| "defect": [], |
| "advisory": "", |
| "discovery": "UNKNOWN" |
| }, |
| "problemtype": { |
| "problemtype_data": [ |
| { |
| "description": [ |
| { |
| "lang": "eng", |
| "value": "HTTP Request Spoofing" |
| } |
| ] |
| } |
| ] |
| }, |
| "description": { |
| "description_data": [ |
| { |
| "lang": "eng", |
| "value": "A flaw occured when using the Apache server as a HTTP proxy. A remote attacker could send a HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, causing Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request. This could allow the bypass of web application firewall protection or lead to cross-site scripting (XSS) attacks." |
| } |
| ] |
| }, |
| "impact": [ |
| { |
| "other": "moderate" |
| } |
| ], |
| "affects": { |
| "vendor": { |
| "vendor_data": [ |
| { |
| "vendor_name": "Apache Software Foundation", |
| "product": { |
| "product_data": [ |
| { |
| "product_name": "Apache HTTP Server", |
| "version": { |
| "version_data": [ |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.54" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.53" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.52" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.51" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.50" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.49" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.48" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.47" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.46" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.45" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.44" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.43" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.42" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.40" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.39" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.37" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.36" |
| }, |
| { |
| "version_name": "2.0", |
| "version_affected": "=", |
| "version_value": "2.0.35" |
| } |
| ] |
| } |
| } |
| ] |
| } |
| } |
| ] |
| } |
| } |
| } |
