 |
||||||||||||
|
||||||||||||
|
||||||||||||
VPN: IE5 Cached Web Credentials Vulnerability Patch The prices: |
Free |
| The system requirements: |
Windows 95/98/Me/2000/XP |
| The restrictions: |
30-day trial |
| The developer: |
Microsoft |
| The developer website: |
http://www.microsoft.com/ |
Under the Cached Web Credentials vulnerability, if a user logs onto a secured Web page using Basic Authentication, and subsequently visits a nonsecure page on the same site, Internet Explorer automatically sends the cached credentials, normally a user ID and password, to the nonsecure page. If a malicious user gains control over the other user's network communications, it is possible for the malicious user to read the credentials and use them. This vulnerability does not provide a means by which the malicious user can force another user to log onto a secure page, and can only be used to reveal credentials that had been cached during the current Internet Explorer session.The patch requires IE 5.01 SP1 to install. Customers who install this patch on other versions may receive a message reading "This update does not need to be installed on this system." This message is incorrect. Internet Explorer 5.5 is not affected by this vulnerability. |
|
Links:
| Referrer Spam |  |
Backup | |
News | CSS FAQs and Tutorials | |
Web Hosting
·
Blog
·
Guestbooks
·
Message Forums
·
Mailing Lists
Allwebco Web Templates · Build your own toolbar · Site Building Articles · Audio, Fonts, Clipart
powered by
bravenet.com
Allwebco Web Templates · Build your own toolbar · Site Building Articles · Audio, Fonts, Clipart
powered by
bravenet.com