Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka Encoded Characters Information Disclosure.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ie | Microsoft | 6.0-sp1 (including) | 6.0-sp1 (including) |
Internet_explorer | Microsoft | 5.0.1 (including) | 5.0.1 (including) |
Internet_explorer | Microsoft | 5.0.1-sp1 (including) | 5.0.1-sp1 (including) |
Internet_explorer | Microsoft | 5.0.1-sp2 (including) | 5.0.1-sp2 (including) |
Internet_explorer | Microsoft | 5.5 (including) | 5.5 (including) |
Internet_explorer | Microsoft | 5.5-sp1 (including) | 5.5-sp1 (including) |
Internet_explorer | Microsoft | 5.5-sp2 (including) | 5.5-sp2 (including) |
Internet_explorer | Microsoft | 6.0 (including) | 6.0 (including) |