Deane

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 5 through 6 SP1 Microsoft Internet Explorer version 5.22 **Description** The issue allows remote attackers to obtain potentially sensitive information by reading Referer log data. This occurs because Microsoft Internet Explorer sends Referer headers containing https:// URLs in requests for http:// URLs. **Recommendations** For Microsoft Internet Explorer version 5.22, update to a version that does not send Referer headers with https:// URLs in requests for http:// URLs. For Microsoft Internet Explorer versions 5 through 6 SP1, update to a version that does not send Referer headers with https:// URLs in requests for http:// URLs.