CVE-2005-4874

EPSS 0.09% · P26 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2005-4874

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain (1) proxy authentication passwords via a request with a "Max-Forwards: 0" header or (2) arbitrary local passwords on the web server that hosts this object.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Mozilla 代码注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Mozilla是种公开发放、免费使用、开放源码的WEB浏览器，可运行于绝大多数Unix/Linux系统上，也可运行在MacOS和微软Windows 9x/ME/NT/2000/XP上。 Mozilla 1.7.8版本的XMLHttpRequest对象中存在代码注入漏洞，该漏洞源于程序支持HTTP TRACE方法。远程攻击者可借助带有Max-Forwards: 0头的请求利用该漏洞获取代理身份验证密码，或托管该对象的Web服务器上的任意本地密码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2005-4874

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2005-4874

请登录查看更多情报信息。

Vendor Advisories for CVE-2005-4874 (3)

https://bugzilla.mozilla.org/show_bug.cgi?id=302489x_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=297078x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/41553vdb-entryx_refsource_XF

https://nvd.nist.gov/vuln/detail/CVE-2005-4874

Same Patch Batch · n/a · 2008-03-28 · 20 CVEs total

CVE-2008-1535		Joomla! Matti Kiviharju rekry 'op_id'参数 SQL注入漏洞
CVE-2008-1533		Joomla! 'XML-RPC Blogger API plugin'未明漏洞
CVE-2008-1532		Perlbal 缓冲区零字节上传远程拒绝服务漏洞
CVE-2008-1240		Mozilla Firefox/Thunderbird/SeaMonkey jar:协议处理错误漏洞
CVE-2008-1541		HIS WebShop 'his-webshop.pl' 目录遍历漏洞
CVE-2008-1540		Joomla! Mambo Datsogallery模块 'id' 参数 SQL注入漏洞
CVE-2008-1539		PHP-Nuke Platinum 'dynamic_titles.php' SQL注入漏洞
CVE-2008-1538		ManageEngine EventLog Analyzer 跨站脚本攻击漏洞
CVE-2008-1537		PowerBook '/index.php' 目录遍历漏洞
CVE-2008-1536		PICTURESPRO Photo Cart 'index.php' 跨站脚本攻击漏洞
CVE-2008-0704		HP TCP/IP Services for OpenVMS SSH 未明远程未授权访问漏洞
CVE-2008-1534		PowerPHPBoard 'settings[]'参数多个目录遍历漏洞
CVE-2008-0926		Novell eDirectory eMBox工具edirutil命令绕过认证漏洞
CVE-2008-0924		Novell eDirectory LDAP扩展请求消息缓冲区溢出漏洞
CVE-2008-1546		Mitsubishi Electric GB-50A Java applet远程绕过认证漏洞
CVE-2008-1545		Microsoft Internet Explorer安全漏洞
CVE-2008-1544		Microsoft IE 7 setRequestHeader()函数请求拆分漏洞
CVE-2008-1543		Airspan WiMAX ProST ProST web管理组件信任管理漏洞
CVE-2008-1542		Airspan Base Station Distribution Unit 信任管理问题漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2005-4874

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2005-4874

I. Basic Information for CVE-2005-4874

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2005-4874

III. Intelligence Information for CVE-2005-4874

Vendor Advisories for CVE-2005-4874 (3)

Same Patch Batch · n/a · 2008-03-28 · 20 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2005-4874

Leave a comment