Lucene search

[email protected]NVD:CVE-2004-0869

HistorySep 16, 2004 - 4:00 a.m.

CVE-2004-0869

2004-09-1604:00:00

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.9%

JSON

Internet Explorer does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka “Cross Security Boundary Cookie Injection.”

Affected configurations

NVD

Node

microsoftieMatch6windows_server_2003_sp1

References

securityfocus.com/archive/1/375407

securitytracker.com/id?1011332

www.westpoint.ltd.uk/advisories/wp-04-0001.txt

exchange.xforce.ibmcloud.com/vulnerabilities/17417

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.9%

JSON

Related for NVD:CVE-2004-0869

cvelist1 cve1 securityvulns1