New Search

XMLHttpRequest Header Spoofing Vulnerability

oval:org.mitre.oval:def:1089

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest and possibly use the client to exploit vulnerabilities in servers or proxies including HTTP request smuggling and HTTP request splitting.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
  • Microsoft Windows NT
  • Microsoft Windows Server 2003
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2005-2703
Product(s):
  • mozilla