Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1559

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-1559
Last Modified 29 Jan 2009 12:28:34
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1559

Summary

Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.

Vulnerable Systems

Application

  • Microsoft Ie 5.22

  • Microsoft Ie 5.5

  • Microsoft Ie 6


References

BID - 9295

BUGTRAQ - 20031230 RE: IE 5.22 on Mac Transmitting HTTP Referer from Secure Page

BUGTRAQ - 20031224 IE 5.22 on Mac Transmitting HTTP Referer from Secure Page

MISC - http://www.gadgetopia.com/2003/12/23/OutlookWebAccessPrivacyHole.html

SREASON - 3989


Last Updated: 27 May 2016 10:38:24