4 matches found
EUVD-2013-1487
Malware in sbrugna...
Microsoft Internet Explorer 信息泄露漏洞(CVE-2013-1450)
Bugtraq ID:57640 CVE ID: CVE-2013-1450 Microsoft Internet Explorer是一款流行的WEB浏览器。 在Microsoft Internet Explorer代理服务设置中,如果HTTP和Secure栏中具有相同代理地址和端口,I没有正确重用TCP会话,通过构建特制HTML文档,触发多个HTTPS请求,然后触发一个对该主机的HTTP请求,可获得特定主机的敏感信息。 0 Microsoft Internet Explorer 9 Microsoft Internet Explorer 8 厂商解决方案 目前没有详细解决方案提供:...
Design/Logic Flaw
Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not ensure that the SSL lock icon is consistent with the Address bar, which makes it easier for remote attackers to spoof web sites via a crafted...
CVE-2013-1450
Affected software: Microsoft Internet Explorer 8 and 9. Issue: When the Proxy Settings have the same address/port in HTTP and Secure rows, IE does not properly reuse TCP sessions to the proxy, allowing a remote attacker to obtain sensitive information (e.g., a Cookie header) via a crafted HTML do...