6 matches found
Design/Logic Flaw
The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers to (1) conduct HTTP request splitting and HTTP...
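Microsoft IE 7 setRequestHeader() Function Multiple Request Splitting/Smuggling Vulnerabilities
BUGTRAQ ID: 28379 Internet Explorer is a very popular web browser released by Microsoft. IE 7 allows HTTP headers such as Content-Length, Host and Referer to be overwritten through an HTTP request splitting attack, resulting in spoofed HTTP header information. Similar to the following javascript: ---------------------------------------------- var x=new XMLHttpRequest; x.open"POST","/"; forf=127;f255;f++ try...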
Microsoft XMLHTTP Control Open Method Code Execution (MS06-071; CVE-2006-5745)
XML HTTP, an ActiveX control that is included in Microsoft XML Core Services MSXML, is vulnerable to remote code execution. MSXML is an application for processing Extensible Stylesheet Language Transformation in an XML file that allows programmers to create high-performance XML-based applications...
CVE-2006-5745
CVE-2006-5745 describes a memory-corruption vulnerability in the XMLHTTP ActiveX Control (MSXML4) used by Internet Explorer on Windows, enabling remote code execution when an attacker crafts arguments to setRequestHeader in the XMLHTTP 4.0 control. The issue affects Microsoft XML Core Services 4....
Malicious setRequestHeader cross-site vulnerability
A malicious setRequestHeader can be used to steal user credentials and inject cross-site JavaScript...
Malicious setRequestHeader cross-site vulnerability – Opera Security Advisories
Malicious setRequestHeader cross-site vulnerability – Opera Security Advisories OPCOM Team | September 29, 2005 Summary A malicious setRequestHeader can be used to steal user credentials and inject cross-site JavaScript. Severity: high Opera’s response Since version 8.02 of Opera, double newlineso...