Back to search
CVE-2005-4874
Published: Mar 28, 2008
Modified: Aug 8, 2024
PUBLISHED
Description
The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain (1) proxy authentication passwords via a request with a "Max-Forwards: 0" header or (2) arbitrary local passwords on the web server that hosts this object.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.mozilla.org/show_bug.cgi?id=297078
x_refsource_CONFIRM
mozilla-xmlhttprequest-info-disclosure(41553)
vdb-entry
x_refsource_XF
https://bugzilla.mozilla.org/show_bug.cgi?id=302489
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now