ID de Prueba:	1.3.6.1.4.1.25623.1.0.803305
Categoría:	Windows
Título:	Microsoft Internet Explorer Information Disclosure and Web Site Spoofing Vulnerabilities
Resumen:	Microsoft Internet Explorer is prone to information disclosure and web site spoofing vulnerabilities.
Descripción:	Summary: Microsoft Internet Explorer is prone to information disclosure and web site spoofing vulnerabilities. Vulnerability Insight: The proxy settings configuration has same proxy address and value for HTTP and HTTPS, - TCP session to proxy sever will not properly be reused. This allows remote attackers to steal cookie information via crafted HTML document. - SSl lock consistency with address bar is not ensured. This allows remote attackers to spoof web sites via a crafted HTML document. Vulnerability Impact: Successful exploitation allows attackers to disclose the sensitive information and view the contents of spoofed site or carry out phishing attacks. Affected Software/OS: Microsoft Internet Explorer versions 8 and 9. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 4.0 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1450 http://pastebin.com/raw.php?i=rz9BcBey http://www.youtube.com/ChristianHaiderPoC http://www.youtube.com/watch?v=TPqagWAvo8U Common Vulnerability Exposure (CVE) ID: CVE-2013-1451
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.