Detections
Analytics
CVE-2005-2703
critical
Description
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting.
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767
https://exchange.xforce.ibmcloud.com/vulnerabilities/22376
http://www.vupen.com/english/advisories/2005/1824
http://www.ubuntu.com/usn/usn-200-1
http://www.securityfocus.com/bid/15495
http://www.securityfocus.com/bid/14923
http://www.redhat.com/support/errata/RHSA-2005-791.html
http://www.redhat.com/support/errata/RHSA-2005-789.html
http://www.redhat.com/support/errata/RHSA-2005-785.html
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
http://www.novell.com/linux/security/advisories/2005_58_mozilla.html
http://www.mozilla.org/security/announce/mfsa2005-58.html
http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
http://www.mandriva.com/security/advisories?name=MDKSA-2005:170
http://www.mandriva.com/security/advisories?name=MDKSA-2005:169
http://www.debian.org/security/2005/dsa-868
http://www.debian.org/security/2005/dsa-866
http://www.debian.org/security/2005/dsa-838
http://securitytracker.com/id?1014954
http://secunia.com/advisories/17284
http://secunia.com/advisories/17263
http://secunia.com/advisories/17149
http://secunia.com/advisories/17090
http://secunia.com/advisories/17042
http://secunia.com/advisories/17026
http://secunia.com/advisories/17014
http://secunia.com/advisories/16977