4 matches found
CVE-2009-2057
Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a 1 4xx or 2 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL...
SUSE CVE-2009-2057
Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a 1 4xx or 2 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL...
CVE-2009-2057
Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a 1 4xx or 2 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL...
CVE-2009-2057
Microsoft Internet Explorer prior to version 8 is described as vulnerable to an SSL-tampering style attack where the HTTP Host header is used to determine the document context in a 4xx or 5xx CONNECT response from a proxy. This allows a man-in-the-middle attacker to modify the CONNECT response an...