Message-ID: <368109e0-1a07-aec4-a20d-8d6a6189fbf5@securify.nl>
Date: Tue, 14 Mar 2017 22:03:24 +0100
From: "Securify B.V." <lists@...urify.nl>
To: fulldisclosure@...lists.org
Subject: [FD] Microsoft Edge Fetch API allows setting of arbitrary request headers

------------------------------------------------------------------------
Microsoft Edge Fetch API allows setting of arbitrary request headers
------------------------------------------------------------------------
Yorick Koster, January 2017

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was found that the Fetch API in Microsoft Edge allows websites to set
arbitrary HTTP request headers, including the Content-Length and Host
headers. Amongst others, a malicious website can use this issue to
bypass the same origin policy, read HTTP response headers, or initiate
arbitrary HTTP requests from the victim's browser (HTTP request
smuggling).
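For context, the check a Fetch-compliant browser applies before a page-supplied header reaches the wire is shown below as an added illustration; it is not code from the advisory or from Microsoft. The list of names is the Fetch Standard's forbidden-request-header list as assumed here (verify it against the current standard), and the sample header list is constructed for the example.

```javascript
// Added example: a reference implementation of the Fetch Standard's
// "forbidden request-header" rule. A compliant browser silently ignores these
// names when a page puts them in a Headers object used for a request; the
// advisory above describes Edge failing to do so for Host and Content-Length.
// Assumption: this set matches the Fetch Standard's list; check the spec.
const FORBIDDEN_HEADER_NAMES = new Set([
  "accept-charset", "accept-encoding", "access-control-request-headers",
  "access-control-request-method", "connection", "content-length", "cookie",
  "cookie2", "date", "dnt", "expect", "host", "keep-alive", "origin",
  "referer", "te", "trailer", "transfer-encoding", "upgrade", "via",
]);

// Header names are case-insensitive; "Proxy-" and "Sec-" prefixes are
// forbidden as whole families, not just as listed names.
function isForbiddenRequestHeader(name) {
  const lower = name.toLowerCase();
  return FORBIDDEN_HEADER_NAMES.has(lower) ||
    lower.startsWith("proxy-") || lower.startsWith("sec-");
}

// Apply the rule the way the Headers "append" step does under the "request"
// guard: forbidden names are dropped without raising an error. Returns both
// the surviving headers and the dropped names so a regression test or log
// can show exactly what the browser refused to send.
function filterRequestHeaders(headers) {
  const kept = [];
  const dropped = [];
  for (const [name, value] of headers) {
    if (isForbiddenRequestHeader(name)) dropped.push(name);
    else kept.push([name, value]);
  }
  return { kept, dropped };
}

// Constructed sample input: what a page might pass to fetch() via the
// `headers` option. Only Content-Type and X-Custom should survive.
const SAMPLE_HEADERS = [
  ["Content-Type", "text/plain"],
  ["Host", "example.invalid"],
  ["Content-Length", "5"],
  ["X-Custom", "1"],
  ["Sec-Fetch-Mode", "cors"],
];

const result = filterRequestHeaders(SAMPLE_HEADERS);
console.log("kept:", result.kept, "dropped:", result.dropped);
```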

------------------------------------------------------------------------
See also
------------------------------------------------------------------------
- CVE-2017-0140
- MS17-007: Cumulative Security Update for Microsoft Edge (4013071)

------------------------------------------------------------------------
Tested versions
------------------------------------------------------------------------
This issue was successfully tested on Microsoft Edge version
38.14393.0.0 (EdgeHTML 14.14393).

------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
Microsoft released MS17-007 that fixes this vulnerability.

------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://www.securify.nl/advisory/SFY20170101/microsoft_edge_fetch_api_allows_setting_of_arbitrary_request_headers.html

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
