Описание
Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure."
Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-1186
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A143
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A471
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A495
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0018.html
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0030.html
- http://www.iss.net/security_center/static/10039.php
- http://www.osvdb.org/7845
- http://www.securityfocus.com/bid/5610
EPSS
CVE ID
Связанные уязвимости
Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure."
EPSS