Microsoft Internet Explorer XmlHTTPRequest object request and response spoofing
news
/
advisories
/
software
/
search
/
[EN]
securityvulns.ru
no-pyccku
Microsoft Internet Explorer XmlHTTPRequest object request and response spoofing
Published:
25.05.2006
Source:
BUGTRAQ
SecurityVulns ID:
6179
Type:
client
Threat Level:
6
/10
Description:
It's possible to spoof client application request and, under some conditions, server reply by using Microsoft.XMLHTTP object.
Affected:
MICROSOFT
:
Internet Explorer 5.5
MICROSOFT
:
Internet Explorer 6.0
Original document
Amit Klein (AKsecurity)
,
Write-up by Amit Klein: "IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning)"
(
25.05.2006
)
Amit Klein (AKsecurity)
,
"Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein
(
25.05.2006
)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
