Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
References
Configurations
Configuration 1 (hide)
|
History
23 Jul 2021, 15:06
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:microsoft:ie:5.5:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.3502.1000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.5:preview:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.1:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.0.1:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.71.1008.3:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.00.3790.0000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.0.2900:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.00.2479.0006:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.00.2900.2180:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.2.3:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.2314.1003:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.72.3612.1713:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.5:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.5:sp2:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.3103.1000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:7.0:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.0:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.0:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.0:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:7.00.6000.16441:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:3.1:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.0.2800:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.70.1158:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.3315.1000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.0.2600:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.70.1300:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.50.3825.1300:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.0.2800.1106:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.0518.10:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.40.520:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.01:sp2:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.70.1215:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:7.0:beta:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:7.00.5730.1100:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:7.0:beta1:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.01:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.3105.0106:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.00.2462.0000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.70.1155:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:7.0.5730.11:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.00.2800.1106:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.50.4308.2900:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.2614.3500:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.50.4522.1800:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.1:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.3314.2101:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.3700.1000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.01:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.00.3663.0000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:7.00.6000.16386:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.71.1712.6:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.0.1:sp3:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.00.3790.3959:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.5:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:7.0:beta3:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.01:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.2919.800:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:3.2:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.2014.0216:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.2919.6307:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:3.0.1:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.0.2900.2180:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:7:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.01:sp4:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.40.308:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6.00.3790.1830:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.0.1:sp4:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.72.3110.8:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.2919.3800:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.50.4030.2400:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.01:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:3.0.2:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:3.0:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.01:sp3:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.0.1:sp2:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.72.2106.8:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.0.1:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.2920.0000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:6:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.50.4134.0600:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:4.71.544:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.00.0910.1309:*:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.0.1:sp2:*:*:*:*:*:* cpe:2.3:a:microsoft:ie:5.50.4807.2300:*:*:*:*:*:*:* |
cpe:2.3:a:microsoft:internet_explorer:5.50.3825.1300:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.2919.3800:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.50.4030.2400:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.50.4807.2300:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.50.4522.1800:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.3105.0106:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.01:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.72.2106.8:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.71.1008.3:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.2014.0216:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.70.1155:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.50.4308.2900:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.71.544:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.3103.1000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.71.1712.6:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.01:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.3502.1000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:3.0.1:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:3.0.2:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.1:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.01:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.5:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.3314.2101:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16441:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.2614.3500:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.70.1215:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.2920.0000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.40.520:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.72.3110.8:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.70.1300:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.2314.1003:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.2919.800:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.72.3612.1713:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:3.2:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.50.4134.0600:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.0518.10:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:3.1:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.0910.1309:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.2919.6307:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.2.3:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.3315.1000:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.40.308:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16386:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.70.1158:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:5.00.3700.1000:*:*:*:*:*:*:* |
Information
Published : 2009-06-15 19:30
Updated : 2024-02-04 17:33
NVD link : CVE-2009-2057
Mitre link : CVE-2009-2057
CVE.ORG link : CVE-2009-2057
JSON object : View
Products Affected
microsoft
- internet_explorer
- ie
CWE
CWE-287
Improper Authentication