Computer Security
[EN] no-pyccku

Microsoft Internet Explorer XmlHTTPRequest object request and response spoofing
SecurityVulns ID:6179
Threat Level:
Description:It's possible to spoof client application request and, under some conditions, server reply by using Microsoft.XMLHTTP object.
Affected:MICROSOFT : Internet Explorer 5.5
 MICROSOFT : Internet Explorer 6.0
Original documentdocumentAmit Klein (AKsecurity), Write-up by Amit Klein: "IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning)" (25.05.2006)
 documentAmit Klein (AKsecurity), "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein (25.05.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod