Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-2064
HistoryJun 15, 2009 - 7:30 p.m.

CVE-2009-2064

2009-06-1519:30:00
CWE-287
[email protected]
web.nvd.nist.gov
35
microsoft
internet explorer
security
https
http
man-in-the-middle
web script
vulnerability
cve-2009-2064

7.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

60.3%

JSON

Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https siteโ€™s context, by modifying an http page to include an https iframe that references a script file on an http site, related to โ€œHTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages.โ€

Related

cvelist 1
prion 1
openvas 2
seebug 1
cvelist
cvelist
CVE-2009-2064
2009-06-15 19:00:00
prion
prion
Design/Logic Flaw
2009-06-15 19:30:00
openvas
openvas
Microsoft Internet Explorer Web Script Execution Vulnerabilities
2009-06-17 00:00:00
Microsoft Internet Explorer Web Script Execution Vulnerabilities
2009-06-17 00:00:00
seebug
seebug
ๅคšไธชๆต่งˆๅ™จHTTPSๅ†…ๅฎนไธŠไธ‹ๆ–‡ไธญ็š„HTTP่ต„ๆบๅฎ‰ๅ…จ็ป•่ฟ‡ๆผๆดž
2009-06-22 00:00:00

7.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

60.3%

JSON
Related for CVE-2009-2064
cvelist1prion1openvas2seebug1