PT-2003-2504 · Microsoft · Internet Explorer

Deane

Publicado

2003-12-31

Atualizado

2021-07-23

CVE-2003-1559

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5 through 6 SP1 Microsoft Internet Explorer version 5.22

Description The issue allows remote attackers to obtain potentially sensitive information by reading Referer log data. This occurs because Microsoft Internet Explorer sends Referer headers containing https:// URLs in requests for http:// URLs.

Recommendations For Microsoft Internet Explorer version 5.22, update to a version that does not send Referer headers with https:// URLs in requests for http:// URLs. For Microsoft Internet Explorer versions 5 through 6 SP1, update to a version that does not send Referer headers with https:// URLs in requests for http:// URLs.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2003-1559

Produtos afetados

Internet Explorer

PT-2003-2504 · Microsoft · Internet Explorer

CVE-2003-1559

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6