3 matches found
CVE-2008-2558
CRE Loaded 6.2.13.1 and earlier does not set the "Secure" attribute for cookies that are sent over HTTPS, which might allow remote attackers to sniff the cookies if they are sent over HTTP...
CVE-2008-2558
CRE Loaded 6.2.13.1 and earlier does not set the "Secure" attribute for cookies that are sent over HTTPS, which might allow remote attackers to sniff the cookies if they are sent over HTTP...
CVE-2008-2558
CVE-2008-2558 affects CRE Loaded 6.2.13.1 and earlier. The issue is that cookies sent over HTTPS do not set the Secure attribute, potentially allowing cookie sniffing if transmitted over HTTP. Affected software: CRE Loaded 6.2.13.1 and earlier. Underlying cause: lack of Secure flag on HTTPS cooki...