XML HTTP Request Manipulation in Firefox and Mozilla Suite by Mozzarella
CVE-2005-2703

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Mozilla Suite
Vendor: CVE Published:; 23 September 2005

Summary

The vulnerability found in Firefox versions prior to 1.0.7 and Mozilla Suite versions before 1.7.12 allows remote attackers to manipulate HTTP headers in XML HTTP requests using XMLHttpRequest. This exploitation could potentially enable attackers to perform malicious actions against web servers, such as HTTP request smuggling and splitting, leading to unauthorized access and data breaches.

References

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRIVA

https://exchange.xforce.ibmcloud.com/vulnerabilities/22376

vdb-entryx_refsource_XF

http://www.debian.org/security/2005/dsa-868

vendor-advisoryx_refsource_DEBIAN

Timeline

Vulnerability published
Sep 23, 2005
Vulnerability Reserved
Aug 26, 2005