CVE-2013-1450

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 8 and 9

Description The issue allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document. This is achieved by triggering many HTTPS requests and then an HTTP request to the target host, potentially reading a Cookie header.

Recommendations For Microsoft Internet Explorer versions 8 and 9, consider configuring the Proxy Settings to use different Proxy address and Port values in the HTTP and Secure rows as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.