CVE-2003-1559

2008-07-1423:00:00

mitre

www.cve.org

AI Score

6.2

Confidence

Low

EPSS

0.021

Percentile

89.4%

JSON

Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.

References

securityreason.com/securityalert/3989

www.gadgetopia.com/2003/12/23/OutlookWebAccessPrivacyHole.html

www.securityfocus.com/archive/1/348360

www.securityfocus.com/archive/1/348574

www.securityfocus.com/bid/9295