Unrated severityNVD Advisory· Published Sep 23, 2005· Updated Apr 16, 2026
CVE-2005-2703
CVE-2005-2703
Description
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting.
Affected products
12cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=1.0.6
- cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*range: <=1.7.11
- cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
31- secunia.com/advisories/16911nvdVendor Advisory
- secunia.com/advisories/16917nvdVendor Advisory
- secunia.com/advisories/16977nvdVendor Advisory
- secunia.com/advisories/17014nvdVendor Advisory
- secunia.com/advisories/17026nvdVendor Advisory
- secunia.com/advisories/17042nvdVendor Advisory
- secunia.com/advisories/17090nvdVendor Advisory
- secunia.com/advisories/17149nvdVendor Advisory
- secunia.com/advisories/17263nvdVendor Advisory
- secunia.com/advisories/17284nvdVendor Advisory
- ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txtnvd
- securitytracker.com/idnvd
- www.debian.org/security/2005/dsa-838nvd
- www.debian.org/security/2005/dsa-866nvd
- www.debian.org/security/2005/dsa-868nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mozilla.org/security/announce/mfsa2005-58.htmlnvd
- www.novell.com/linux/security/advisories/2005_58_mozilla.htmlnvd
- www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-785.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-789.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-791.htmlnvd
- www.securityfocus.com/bid/14923nvd
- www.securityfocus.com/bid/15495nvd
- www.ubuntu.com/usn/usn-200-1nvd
- www.vupen.com/english/advisories/2005/1824nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/22376nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089nvd
News mentions
0No linked articles in our index yet.