Unrated severityNVD Advisory· Published Sep 23, 2005· Updated Jun 16, 2026
CVE-2005-2703
CVE-2005-2703
Description
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=1.0.6
- cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
- (no CPE)range: <1.0.7
cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*range: <=1.7.11
- cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*
- (no CPE)range: <1.7.12
Patches
Vulnerability mechanics
References
31- secunia.com/advisories/16911nvdVendor Advisory
- secunia.com/advisories/16917nvdVendor Advisory
- secunia.com/advisories/16977nvdVendor Advisory
- secunia.com/advisories/17014nvdVendor Advisory
- secunia.com/advisories/17026nvdVendor Advisory
- secunia.com/advisories/17042nvdVendor Advisory
- secunia.com/advisories/17090nvdVendor Advisory
- secunia.com/advisories/17149nvdVendor Advisory
- secunia.com/advisories/17263nvdVendor Advisory
- secunia.com/advisories/17284nvdVendor Advisory
- ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txtnvd
- securitytracker.com/idnvd
- www.debian.org/security/2005/dsa-838nvd
- www.debian.org/security/2005/dsa-866nvd
- www.debian.org/security/2005/dsa-868nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mozilla.org/security/announce/mfsa2005-58.htmlnvd
- www.novell.com/linux/security/advisories/2005_58_mozilla.htmlnvd
- www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-785.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-789.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-791.htmlnvd
- www.securityfocus.com/bid/14923nvd
- www.securityfocus.com/bid/15495nvd
- www.ubuntu.com/usn/usn-200-1nvd
- www.vupen.com/english/advisories/2005/1824nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/22376nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089nvd
News mentions
0No linked articles in our index yet.