CVE-2005-2094

2005-07-05T00:00:00
ID CVE-2005-2094
Type cve
Reporter NVD
Modified 2017-07-10T21:32:46

Description

Sun SunONE web server 6.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes SunONE to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."