New Search

XMLHttpRequest Header Spoofing Vulnerability

oval:org.mitre.oval:def:1089

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest and possibly use the client to exploit vulnerabilities in servers or proxies including HTTP request smuggling and HTTP request splitting.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows NT
  • Microsoft Windows XP
  • Microsoft Windows 2000
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2005-2703
Product(s):
  • mozilla