Browser Security News

The Site for Web Browser Security Information

Welcome to Browser Security News

Because Web Browser Security Matters!

 

Your news resource for Internet Explorer, Firefox, Opera and Safari security news vulnerabilities, virus and other important information.

Categories

Archives

Feeds

CVE-2008-1545 (Internet Explorer)

March 31st, 2008 by News

The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 7 does not restrict the dangerous Transfer-Encoding HTTP request header, which allows remote attackers to conduct HTTP request splitting and HTTP request smuggling attacks via a POST containing a “Transfer-Encoding: chunked” header and a request body with an incorrect chunk size.

Read More…
Source: National Vulnerability Database

Posted in Internet Explorer, National Vulnerability Db |March 31st, 2008 by News|

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.