# Forum in English  > News  > Vulnerabilities  >  Internet Explorer HTTP Request Smuggling/Splitting Vulnerabilities

## HATTIFNATTOR

Stefano Di Paola has reported some vulnerabilities in Internet Explorer, which can be exploited by malicious people to conduct HTTP request smuggling/splitting attacks. 

The problem is that it is possible to modify certain headers via "setRequestHeader()", which can be exploited to e.g. inject arbitrary HTTP requests by setting the "Transfer-Encoding" header to "chunked" or to overwrite certain headers (e.g. "Content-Length", "Host", and "Referer"). 

The vulnerabilities are reported in version 7.0.5730.11. Other versions may also be affected. 

http://secunia.com/advisories/29453/

----------

