Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2830

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2830
Last Modified 07 Mar 2011 09:25:05
Published 14 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2830

Summary

Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS proxy server that requires Basic Authentication, sends URLs in cleartext, which allows remote attackers to obtain sensitive information, aka "HTTPS Proxy Vulnerability."

Vulnerable Systems

Application

  • Microsoft Ie 5.0.1

  • Microsoft Ie 5.5

  • Microsoft Ie 6.0


References

BID - 15825

MS - MS05-054

VUPEN - ADV-2005-2909

VUPEN - ADV-2005-2867

XF - ie-https-proxy-information-disclosure(23451)

MISC - http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf

SECTRACK - 1015350

SECUNIA - 18311

SECUNIA - 18064

SECUNIA - 15368


Last Updated: 27 May 2016 10:40:39