var-200512-0322
Vulnerability from variot
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks. Microsoft Internet Explorer is prone to a weakness that permits the injection of arbitrary HTTP requests due to improper verification of parameters passed to XmlHttpRequest. An attacker may craft a website that instantiates the affected control and forces the browser to request a site on the same host (or another host in case a forwarding proxy is employed). The attacker would then intercept the response and steal sensitive data to aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0322",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ie",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2800.1106"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2600"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2900.2180"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2800"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6"
},
{
"model": "network camera server vb101",
"scope": "eq",
"trust": 1.0,
"vendor": "canon",
"version": "*"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2800"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2600"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2800.1106"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2900.2180"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "14969"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
},
{
"db": "NVD",
"id": "CVE-2005-4827"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery is credited to Amit Klein.",
"sources": [
{
"db": "BID",
"id": "14969"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
],
"trust": 0.9
},
"cve": "CVE-2005-4827",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2005-4827",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-16035",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-4827",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-877",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-16035",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16035"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
},
{
"db": "NVD",
"id": "CVE-2005-4827"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks. Microsoft Internet Explorer is prone to a weakness that permits the injection of arbitrary HTTP requests due to improper verification of parameters passed to XmlHttpRequest. \nAn attacker may craft a website that instantiates the affected control and forces the browser to request a site on the same host (or another host in case a forwarding proxy is employed). The attacker would then intercept the response and steal sensitive data to aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4827"
},
{
"db": "BID",
"id": "14969"
},
{
"db": "VULHUB",
"id": "VHN-16035"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-4827",
"trust": 2.0
},
{
"db": "BID",
"id": "14969",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-16035",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16035"
},
{
"db": "BID",
"id": "14969"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
},
{
"db": "NVD",
"id": "CVE-2005-4827"
}
]
},
"id": "VAR-200512-0322",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-16035"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:13:30.130000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4827"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/14969"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/411585"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2007/feb/0081.html"
},
{
"trust": 0.3,
"url": "/archive/1/411585"
},
{
"trust": 0.3,
"url": "/archive/1/459172"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16035"
},
{
"db": "BID",
"id": "14969"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
},
{
"db": "NVD",
"id": "CVE-2005-4827"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-16035"
},
{
"db": "BID",
"id": "14969"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
},
{
"db": "NVD",
"id": "CVE-2005-4827"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-16035"
},
{
"date": "2005-09-24T00:00:00",
"db": "BID",
"id": "14969"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-877"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-4827"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-16035"
},
{
"date": "2015-05-12T19:52:00",
"db": "BID",
"id": "14969"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-877"
},
{
"date": "2024-11-21T00:05:16.627000",
"db": "NVD",
"id": "CVE-2005-4827"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer XmlHttpRequest Parameter validation vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.