Microsoft Windows XMLHTTP proxy problem - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Microsoft Windows XMLHTTP proxy problem
Published: 04.02.2007
Source: FULL-DISCLOSURE
SecurityVulns ID: 7173
Type: client
Level: 6/10
Description: Because of insufficient request validation Msxml2.XMLHTTP ActiveX object can be used to proxy HTTML request via client browser.

Affected: MICROSOFT : Windows XP
MICROSOFT : Windows Vista

Original document Michal Zalewski, [Full-disclosure] Web 2.0 backdoors made easy with MSIE & XMLHttpRequest (04.02.2007)

Discuss: Read or add your comments to this news (0 comments)