Vulnerability Details CVE-2005-2830
Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS proxy server that requires Basic Authentication, sends URLs in cleartext, which allows remote attackers to obtain sensitive information, aka "HTTPS Proxy Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.568
EPSS Ranking 98.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/15368
- http://secunia.com/advisories/18064
- http://secunia.com/advisories/18311
- http://securitytracker.com/id?1015350
- http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf
- http://www.securityfocus.com/bid/15825
- http://www.vupen.com/english/advisories/2005/2867
- http://www.vupen.com/english/advisories/2005/2909
- http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23451
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1097
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1101
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1143
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1317
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1435
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1521
- http://secunia.com/advisories/15368
- http://secunia.com/advisories/18064
- http://secunia.com/advisories/18311
- http://securitytracker.com/id?1015350
- http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf
- http://www.securityfocus.com/bid/15825
- http://www.vupen.com/english/advisories/2005/2867
- http://www.vupen.com/english/advisories/2005/2909
- http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23451
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1097
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1101
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1143
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1317
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1435
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1521
Products affected by CVE-2005-2830
-
cpe:2.3:a:microsoft:ie:6.0
-
cpe:2.3:a:microsoft:internet_explorer:5.0.1
-
cpe:2.3:a:microsoft:internet_explorer:5.5
-
cpe:2.3:a:microsoft:internet_explorer:6.0