Vulnerability Description
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Ie | 6 |
| Microsoft | Internet Explorer | 6 |
| Canon | Network Camera Server Vb101 | All versions |
References
- http://seclists.org/fulldisclosure/2007/Feb/0081.htmlVendor Advisory
- http://www.securityfocus.com/archive/1/411585Exploit
- http://www.securityfocus.com/archive/1/459172/100/0/threaded
- http://www.securityfocus.com/bid/14969
- http://seclists.org/fulldisclosure/2007/Feb/0081.htmlVendor Advisory
- http://www.securityfocus.com/archive/1/411585Exploit
- http://www.securityfocus.com/archive/1/459172/100/0/threaded
- http://www.securityfocus.com/bid/14969
FAQ
What is CVE-2005-4827?
CVE-2005-4827 is a vulnerability with a CVSS score of 7.5 (HIGH). Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequ...
How severe is CVE-2005-4827?
CVE-2005-4827 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4827?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Ie, Microsoft Internet Explorer, Canon Network Camera Server Vb101.