// For flags

CVE-2005-2703

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2005-08-26 CVE Reserved
  • 2005-09-23 CVE Published
  • 2023-04-05 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (33)
URL Date SRC
URL Date SRC
URL Date SRC
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt 2017-10-11
http://secunia.com/advisories/16911 2017-10-11
http://secunia.com/advisories/16917 2017-10-11
http://secunia.com/advisories/16977 2017-10-11
http://secunia.com/advisories/17014 2017-10-11
http://secunia.com/advisories/17026 2017-10-11
http://secunia.com/advisories/17042 2017-10-11
http://secunia.com/advisories/17090 2017-10-11
http://secunia.com/advisories/17149 2017-10-11
http://secunia.com/advisories/17263 2017-10-11
http://secunia.com/advisories/17284 2017-10-11
http://www.debian.org/security/2005/dsa-838 2017-10-11
http://www.debian.org/security/2005/dsa-866 2017-10-11
http://www.debian.org/security/2005/dsa-868 2017-10-11
http://www.mandriva.com/security/advisories?name=MDKSA-2005:169 2017-10-11
http://www.mandriva.com/security/advisories?name=MDKSA-2005:170 2017-10-11
http://www.mandriva.com/security/advisories?name=MDKSA-2005:174 2017-10-11
http://www.novell.com/linux/security/advisories/2005_58_mozilla.html 2017-10-11
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html 2017-10-11
http://www.redhat.com/support/errata/RHSA-2005-785.html 2017-10-11
http://www.redhat.com/support/errata/RHSA-2005-789.html 2017-10-11
http://www.redhat.com/support/errata/RHSA-2005-791.html 2017-10-11
http://www.ubuntu.com/usn/usn-200-1 2017-10-11
https://access.redhat.com/security/cve/CVE-2005-2703 2005-10-06
https://bugzilla.redhat.com/show_bug.cgi?id=1617744 2005-10-06
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mozilla
Search vendor "Mozilla"
Firefox
Search vendor "Mozilla" for product "Firefox"
<= 1.0.6
Search vendor "Mozilla" for product "Firefox" and version " <= 1.0.6"
-
Affected
Mozilla
Search vendor "Mozilla"
Firefox
Search vendor "Mozilla" for product "Firefox"
1.0
Search vendor "Mozilla" for product "Firefox" and version "1.0"
-
Affected
Mozilla
Search vendor "Mozilla"
Firefox
Search vendor "Mozilla" for product "Firefox"
1.0.1
Search vendor "Mozilla" for product "Firefox" and version "1.0.1"
-
Affected
Mozilla
Search vendor "Mozilla"
Firefox
Search vendor "Mozilla" for product "Firefox"
1.0.2
Search vendor "Mozilla" for product "Firefox" and version "1.0.2"
-
Affected
Mozilla
Search vendor "Mozilla"
Firefox
Search vendor "Mozilla" for product "Firefox"
1.0.3
Search vendor "Mozilla" for product "Firefox" and version "1.0.3"
-
Affected
Mozilla
Search vendor "Mozilla"
Firefox
Search vendor "Mozilla" for product "Firefox"
1.0.4
Search vendor "Mozilla" for product "Firefox" and version "1.0.4"
-
Affected
Mozilla
Search vendor "Mozilla"
Firefox
Search vendor "Mozilla" for product "Firefox"
1.0.5
Search vendor "Mozilla" for product "Firefox" and version "1.0.5"
-
Affected
Mozilla
Search vendor "Mozilla"
Mozilla Suite
Search vendor "Mozilla" for product "Mozilla Suite"
<= 1.7.11
Search vendor "Mozilla" for product "Mozilla Suite" and version " <= 1.7.11"
-
Affected
Mozilla
Search vendor "Mozilla"
Mozilla Suite
Search vendor "Mozilla" for product "Mozilla Suite"
1.7.6
Search vendor "Mozilla" for product "Mozilla Suite" and version "1.7.6"
-
Affected
Mozilla
Search vendor "Mozilla"
Mozilla Suite
Search vendor "Mozilla" for product "Mozilla Suite"
1.7.7
Search vendor "Mozilla" for product "Mozilla Suite" and version "1.7.7"
-
Affected
Mozilla
Search vendor "Mozilla"
Mozilla Suite
Search vendor "Mozilla" for product "Mozilla Suite"
1.7.8
Search vendor "Mozilla" for product "Mozilla Suite" and version "1.7.8"
-
Affected
Mozilla
Search vendor "Mozilla"
Mozilla Suite
Search vendor "Mozilla" for product "Mozilla Suite"
1.7.10
Search vendor "Mozilla" for product "Mozilla Suite" and version "1.7.10"
-
Affected