Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different SSL Certificate Validation vulnerabilities.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ie | Microsoft | 4.0 (including) | 4.0 (including) |
| Ie | Microsoft | 4.0.1 (including) | 4.0.1 (including) |
| Ie | Microsoft | 5 (including) | 5 (including) |
| Ie | Microsoft | 5.0 (including) | 5.0 (including) |
| Ie | Microsoft | 5.0.1 (including) | 5.0.1 (including) |
| Internet_explorer | Microsoft | 4.0 (including) | 4.0 (including) |
References
- http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt
- http://www.cert.org/advisories/CA-2000-10.html
- http://www.securityfocus.com/bid/1309
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4624
- http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt
- http://www.cert.org/advisories/CA-2000-10.html
- http://www.securityfocus.com/bid/1309
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4624