CVE Vulnerabilities

CVE-2004-0869

Published: Sep 16, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Internet Explorer does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka Cross Security Boundary Cookie Injection.

Affected Software

Name Vendor Start Version End Version
Ie Microsoft 6-windows_server_2003_sp1 (including) 6-windows_server_2003_sp1 (including)

References