Home page logo

bugtraq logo Bugtraq mailing list archives

Re: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein
From: Yutaka OIWA <y.oiwa () aist go jp>
Date: Tue, 27 Sep 2005 21:34:11 +0900

Hello Amit,

"Amit Klein (AKsecurity)" <aksecurity () hotpop com> writes:


This kind of bugs are already fixed in recent Mozilla browsers,
as shown in your reference [4].

[4] "setRequestHeader can be exploited using newline characters", 
Bugzilla bug 297078
https://bugzilla.mozilla.org/show_bug.cgi?id=297078 and 
"XMLHttpRequest allows dangerous request headers to be set", 
Bugzilla bug 302263

see comment #15 of bug 297078.


Yutaka OIWA                        Research Center for Information Security
    National Institute of Advanced Industrial Science and Technology (AIST)
                      Mail addresses: <y.oiwa () aist go jp>, <yutaka () oiwa jp>
OpenPGP: id[995DD3E1] fp[3C21 17D0 D953 77D3 02D7 4FEC 4754 40C1 995D D3E1]

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]