[Japanese]

JVNDB-2005-000530

Vulnerability in multiple web browsers allowing request spoofing attacks

Overview

Multiple web browsers contain a vulnerability in the processing of XmlHttpRequest objects. XmlHttpRequest objects available in JavaScript provide a function to communicate with a server without reloading a web page.

In general, JavaScript only allows communication within the same domain of the web page; however, an attacker could bypass this restriction by exploiting this vulnerability.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


mozilla.org contributors
  • Mozilla Firefox 1.0.6 and earlier
  • Mozilla Suite 1.7.11 and earlier
Opera Software ASA
  • Opera 8.02 and earlier
Turbolinux, Inc.
  • Turbolinux 10_f
  • Turbolinux Desktop 10
  • Turbolinux Multimedia
  • Turbolinux Personal
  • Turbolinux Server 10
  • Turbolinux Home
MIRACLE LINUX CORPORATION
  • Asianux Server 2.0 Standard Edition
  • Asianux Server 2.1 Standard Edition
  • Asianux Server 3.0
  • Asianux Server 3.0 (x86-64)
  • Asianux Server 4.0
  • Asianux Server 4.0 (x86-64)
Red Hat, Inc.
  • Red Hat Enterprise Linux 2.1 (as)
  • Red Hat Enterprise Linux 3 (as)
  • Red Hat Enterprise Linux 4 (as)
  • Red Hat Enterprise Linux 2.1 (es)
  • Red Hat Enterprise Linux 3 (es)
  • Red Hat Enterprise Linux 4 (es)
  • Red Hat Enterprise Linux 2.1 (ws)
  • Red Hat Enterprise Linux 3 (ws)
  • Red Hat Enterprise Linux 4 (ws)
  • Red Hat Enterprise Linux Desktop 3.0
  • Red Hat Enterprise Linux Desktop 4.0
  • Red Hat Linux Advanced Workstation 2.1

Impact

Authentication information or cookie information could be leaked.
Solution

Vendor Information

mozilla.org contributors Opera Software ASA
  • Opera knowledge base : 810
Turbolinux, Inc. MIRACLE LINUX CORPORATION Red Hat, Inc.
CWE (What is CWE?)

  1. Code Injection(CWE-94) [NVD Evaluation]
CVE (What is CVE?)

  1. CVE-2005-2703
References

  1. JVN : JVN#31226748
  2. National Vulnerability Database (NVD) : CVE-2005-2703
  3. Secunia Advisory : SA16911
  4. SecurityFocus : 14923
  5. FrSIRT Advisories : FrSIRT/ADV-2005-1824
Revision History

  • [2008/05/21]
      Web page published