Request Header Cross-Domain Information Disclosure Vulnerability

oval:org.mitre.oval:def:5291

The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers to (1) conduct HTTP request splitting and HTTP request smuggling attacks via an incorrect Content-Length header, (2) access arbitrary virtual hosts via a modified Host header, (3) bypass referrer restrictions via an incorrect Referer header, and (4) bypass the same-origin policy and obtain sensitive information via a crafted request header.
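The following is an added example, not part of this OVAL entry and not Internet Explorer's code. It models the bug class the description points at: a deny-list check applied to the raw header name, followed by serialization that discards the 8-bit bytes, so a name such as "Host" with a trailing 8-bit character passes the check and still reaches the wire as "Host". The serializer that strips bytes above 0x7F is an assumption for illustration; the exact sequences IE mishandled are not given on this page. The hardened variant validates the name as an RFC 7230 token before consulting the deny-list, so any non-ASCII byte is rejected outright.

```javascript
// Added example (not from the OVAL entry or from Microsoft): models the
// check-then-serialize mismatch behind CVE-2008-1544.

// Request headers the client must never let script set (subset for illustration).
const FORBIDDEN_HEADERS = new Set([
  'content-length', 'host', 'referer', 'transfer-encoding', 'connection', 'cookie',
]);

// ASSUMED serializer behaviour: 8-bit code points are dropped when the header
// name is written out. Real IE behaviour is not described on this page.
function serializeHeaderName(name) {
  return name.replace(/[\u0080-\uffff]/g, '');
}

// Vulnerable model: the deny-list sees "Host\u00ff", the wire sees "Host".
function naiveSetRequestHeader(headers, name, value) {
  if (FORBIDDEN_HEADERS.has(name.toLowerCase())) {
    throw new Error(`Refused to set unsafe header "${name}"`);
  }
  headers.set(serializeHeaderName(name).toLowerCase(), value);
  return headers;
}

// Hardened: header names must be RFC 7230 tokens (printable ASCII minus
// separators). Anything else is rejected before the deny-list is consulted,
// so no later transformation can turn an accepted name into a forbidden one.
const TOKEN_RE = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;

function hardenedSetRequestHeader(headers, name, value) {
  if (!TOKEN_RE.test(name)) {
    throw new TypeError(`Invalid header name: ${JSON.stringify(name)}`);
  }
  const canonical = name.toLowerCase();
  if (FORBIDDEN_HEADERS.has(canonical)) {
    throw new Error(`Refused to set unsafe header "${name}"`);
  }
  headers.set(canonical, value);
  return headers;
}

// Drive one setter with one header name; report whether it was accepted and
// what name would actually be sent.
function probe(setter, name) {
  try {
    const h = setter(new Map(), name, 'attacker-controlled');
    return { accepted: true, wireName: [...h.keys()][0] };
  } catch (e) {
    return { accepted: false, wireName: null };
  }
}

// Constructed sample names: the plain forbidden header, the same header with an
// appended 8-bit character, and a harmless custom header.
const SAMPLE_NAMES = ['Host', 'Host\u00ff', 'Content-Length\u00a0', 'X-Custom'];

function runComparison() {
  const rows = [];
  for (const name of SAMPLE_NAMES) {
    rows.push({
      name: JSON.stringify(name),
      naive: probe(naiveSetRequestHeader, name),
      hardened: probe(hardenedSetRequestHeader, name),
    });
  }
  return rows;
}

for (const row of runComparison()) {
  console.log(row.name,
    'naive:', row.naive.accepted ? `sent as ${row.naive.wireName}` : 'blocked',
    'hardened:', row.hardened.accepted ? `sent as ${row.hardened.wireName}` : 'blocked');
}
```

The check a practitioner should take away is ordering: validate the header name in the exact representation that will be serialized, reject anything outside the token grammar, and only then apply the deny-list. A deny-list that compares one representation while the wire receives another is bypassable by any byte the later stage silently drops or folds.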

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008
  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows Server 2003
  • Microsoft Windows Vista
Class:
vulnerability
Reference(s):
  • CVE-2008-1544
Product(s):
  • Microsoft Internet Explorer 7
  • Microsoft Internet Explorer 6
  • Microsoft Internet Explorer 5.01