Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 7 does not restrict the dangerous Transfer-Encoding HTTP request header, which allows remote attackers to conduct HTTP request splitting and HTTP request smuggling attacks via a POST containing a "Transfer-Encoding: chunked" header and a request body with an incorrect chunk size.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Internet Explorer安全漏洞
Vulnerability Description
Microsoft Internet Explorer(IE)是美国微软(Microsoft)公司的一款Windows操作系统附带的Web浏览器。 Microsoft Internet Explorer 7中的XMLHttpRequest对象的setRequestHeader方法,并不限制危险的转换-编码的HTTP请求页眉,这使得远程攻击者可以借助一个POST和一个request body,执行HTTP请求分裂攻击和HTTP请求走私攻击(HTTP request splitting and HTTP re
CVSS Information
N/A
Vulnerability Type
N/A