OVAL Repository - View Definition: oval:org.mitre.oval:def:143

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:143		Version: 1 Last Modified: 2005-09-20
Title:	Microsoft IE Encoded Characters Information Disclosure
Description:	Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure."
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2002-1186
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
the version of mshtml.dll is less than 6.0.2722.900 AND NOT the patch q328970 is installed (Installed Components key) AND NOT the patch q324929 is installed (Installed Components key) AND NOT the patch q810847 is installed (Installed Components key) AND NOT the patch q813489 is installed (Installed Components key) AND NOT the patch q818529 is installed (Installed Components key) AND NOT the patch q822925 is installed (Installed Components key) AND NOT the patch q828750 is installed (Installed Components key) AND NOT the patch q824145 is installed (Installed Components key) AND Internet Explorer 6 is installed

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest