CVE-2007-6203

Exp

Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.

Published: 2007-12-03 Last update: 2026-04-23 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2007-6203 is rated High Exploit Risk (67.2/100): CVSS Medium severity, with high exploitation likelihood (EPSS 73.54%, 99th percentile). 3 public exploit reference(s) are indexed (Exploit-DB). Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2007-6203

EDB-ID Source Kind Published Link
30835 exploit_db edb 2007-11-30 Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2007-6203

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-04-10 73.14% 73.54% +0.40%
2 2026-03-04 74.82% 73.14% -1.67%
3 2026-03-01 74.82%

Full EPSS history (46 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2007-6203

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
4.3 2.0 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:N)
No availability impact.
 8.6 2.9 [email protected]

Weakness enumeration for CVE-2007-6203

OS Trackers for CVE-2007-6203

vendor priority summary link
debian low CVE-2007-6203 low priority: Debian including 1 source packages (apache2), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2007-6203
gentoo normal CVE-2007-6203: 1 GLSA(s) (200803-19), 1 atom(s) (www-servers/apache); latest impact normal. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2007-6203
redhat https://access.redhat.com/security/cve/CVE-2007-6203
ubuntu low CVE-2007-6203 low priority: Ubuntu including 1 source packages (apache2), 7 status rows across 7 suites (dapper, edgy, feisty, gutsy, hardy, intrepid, upstream): released 3, ignored 2, not-affected 2. https://ubuntu.com/security/CVE-2007-6203

Vendor comments (NVD) for CVE-2007-6203

  • Apache (2008-06-09T00:00:00)

    The Apache Software Foundation security team does not consider this issue to be a security vulnerability. In order to exploit this for cross-site scripting, the attacker would have to get the victim to supply an arbitrary malformed HTTP method to a target site.

  • Red Hat (2007-12-06T00:00:00)

    Red Hat does not consider this issue to be a vulnerability. In order to exploit this for cross-site scripting, the attacker would have to get the victim to supply an arbitrary malformed HTTP method to a target site.

Affected software / configurations for CVE-2007-6203

Vendor Product Version Raw CPE
apache http_server 2.0.46 cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*
apache http_server 2.0.47 cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*
apache http_server 2.0.48 cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*
apache http_server 2.0.49 cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*
apache http_server 2.0.50 cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*
apache http_server 2.0.51 cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*
apache http_server 2.0.52 cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*
apache http_server 2.0.53 cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*
apache http_server 2.0.54 cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*
apache http_server 2.0.55 cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*
apache http_server 2.0.57 cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:*
apache http_server 2.0.58 cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:*
apache http_server 2.0.59 cpe:2.3:a:apache:http_server:2.0.59:*:*:*:*:*:*:*
apache http_server 2.1.1 cpe:2.3:a:apache:http_server:2.1.1:*:*:*:*:*:*:*
apache http_server 2.1.2 cpe:2.3:a:apache:http_server:2.1.2:*:*:*:*:*:*:*
apache http_server 2.1.3 cpe:2.3:a:apache:http_server:2.1.3:*:*:*:*:*:*:*
apache http_server 2.1.4 cpe:2.3:a:apache:http_server:2.1.4:*:*:*:*:*:*:*
apache http_server 2.1.5 cpe:2.3:a:apache:http_server:2.1.5:*:*:*:*:*:*:*
apache http_server 2.1.6 cpe:2.3:a:apache:http_server:2.1.6:*:*:*:*:*:*:*
apache http_server 2.1.7 cpe:2.3:a:apache:http_server:2.1.7:*:*:*:*:*:*:*
apache http_server 2.1.8 cpe:2.3:a:apache:http_server:2.1.8:*:*:*:*:*:*:*
apache http_server 2.2.0 cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*
apache http_server 2.2.2 cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
apache http_server 2.2.3 cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
apache http_server 2.2.4 cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*

References for CVE-2007-6203

URL Tags
http://docs.info.apple.com/article.html?artnum=307562
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html
http://marc.info/?l=bugtraq&m=125631037611762&w=2
http://marc.info/?l=bugtraq&m=129190899612998&w=2
http://procheckup.com/Vulnerability_PR07-37.php Exploit
http://secunia.com/advisories/27906 Vendor Advisory
http://secunia.com/advisories/28196 Vendor Advisory
http://secunia.com/advisories/29348 Vendor Advisory
http://secunia.com/advisories/29420 Vendor Advisory
http://secunia.com/advisories/29640 Vendor Advisory
http://secunia.com/advisories/30356 Vendor Advisory
http://secunia.com/advisories/30732 Vendor Advisory
http://secunia.com/advisories/33105 Vendor Advisory
http://secunia.com/advisories/34219 Vendor Advisory
http://security.gentoo.org/glsa/glsa-200803-19.xml
http://securityreason.com/securityalert/3411
http://www-1.ibm.com/support/docview.wss?uid=swg1PK57952
http://www-1.ibm.com/support/docview.wss?uid=swg24019245
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html
http://www.securityfocus.com/archive/1/484410/100/0/threaded
http://www.securityfocus.com/bid/26663 Exploit
http://www.securitytracker.com/id?1019030
http://www.ubuntu.com/usn/USN-731-1
http://www.vupen.com/english/advisories/2007/4060
http://www.vupen.com/english/advisories/2007/4301
http://www.vupen.com/english/advisories/2008/0924/references
http://www.vupen.com/english/advisories/2008/1623/references
http://www.vupen.com/english/advisories/2008/1875/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/38800
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12166
cvelogic Threat Intelligence