PT-2005-5534 · Mozilla · Mozilla Firefox
Yutaka Oiwa · Published 2005-12-31 · Updated 2017-08-08 · CVE-2005-4874
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
Mozilla version 1.7.8
Description:
The XMLHttpRequest object supports the HTTP TRACE method. This allows remote attackers to obtain (1) proxy authentication passwords via a request with a "Max-Forwards: 0" header, or (2) arbitrary local passwords on the web server that hosts this object.
Recommendations:
For Mozilla version 1.7.8, consider disabling the HTTP TRACE method to prevent exploitation until a patch is available. Restrict access to the XMLHttpRequest object to minimize the risk of sensitive information being disclosed.
Exploit
Fix
Code Injection
Weakness Enumeration
Related identifiers
Affected products
Mozilla Firefox