Microsoft Internet Explorer for Mac HTTP Referer Information Disclosure Vulnerability

Vulnerability ID: 1202109
Vulnerability type: Information disclosure
Published: 2003-12-31
Updated: 2003-12-31
CVE ID: CVE-2003-1559
CNNVD-ID: CNNVD-200312-481
Platform: N/A
CVSS score: 5.0
|Vulnerability source
https://www.securityfocus.com/bid/80384
https://cxsecurity.com/issue/WLB-2008070088
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-481
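|Vulnerability details
Microsoft Internet Explorer is a popular multi-platform web browser. On the Apple Mac platform, Microsoft Internet Explorer does not comply with the HTTP 1.1 RFC, which can lead to information disclosure in some environments. The HTTP 1.1 spec (RFC 2616) states that if the referring page was transferred with a secure protocol, the client should not include a Referer header field in a (non-secure) HTTP request. MSIE does not follow this rule, so some information can be disclosed.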
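
The rule described above can be checked from the receiving side. The following is an added example, not part of the original advisory: it parses raw requests as seen by a plain-HTTP server and flags any that carry an `https` Referer. All hostnames, paths and request text are constructed sample data.

```python
from urllib.parse import urlsplit

# Constructed sample: requests as received by a plain-HTTP server (not from the advisory).
SAMPLE_REQUESTS = [
    # Link followed from an HTTPS page: Referer should not be sent (RFC 2616, 15.1.3).
    "GET /article HTTP/1.1\r\nHost: news.example\r\n"
    "referer: https://mail.example/inbox/message?id=42\r\n\r\n",
    # Link followed from a plain-HTTP page: Referer is permitted.
    "GET /article HTTP/1.1\r\nHost: news.example\r\n"
    "Referer: http://search.example/?q=news\r\n\r\n",
    # No Referer: what a compliant client sends after leaving an HTTPS page.
    "GET /article HTTP/1.1\r\nHost: news.example\r\n\r\n",
]


def parse_headers(raw_request):
    """Return request headers as a dict with lower-cased names."""
    head = raw_request.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def secure_referer_leak(raw_request):
    """Describe the leak if a non-secure request carries an https Referer, else None."""
    referer = parse_headers(raw_request).get("referer")
    if not referer:
        return None
    parts = urlsplit(referer)
    if parts.scheme.lower() != "https":
        return None
    # Report what the receiving site learned about the secure page.
    return {"origin_host": parts.hostname, "path": parts.path,
            "has_query": bool(parts.query)}


def scan(requests):
    """Return (index, finding) for every request that violates the rule."""
    hits = ((i, secure_referer_leak(r)) for i, r in enumerate(requests))
    return [(i, leak) for i, leak in hits if leak]


if __name__ == "__main__":
    for index, leak in scan(SAMPLE_REQUESTS):
        print(index, leak)
```
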
|Exploit


Documented instance of Internet Explorer 5.22 on a Mac transmitting an HTTP Referer header from a link on a secure page (https):

http://www.gadgetopia.com/2003/12/23/OutlookWebAccessPrivacyHole.html

This is clearly covered in the HTTP 1.1 spec (RFC 2616), Section 15.1.3, "Encoding Sensitive Information in URI's":

"Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol."
|Affected products
Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Se
|References

Source: BID
Name: 9295
Link: http://www.securityfocus.com/bid/9295
Source: BUGTRAQ
Name: 20031230 RE: IE 5.22 on Mac Transmitting HTTP Referer from Secure Page
Link: http://www.securityfocus.com/archive/1/348574
Source: BUGTRAQ
Name: 20031224 IE 5.22 on Mac Transmitting HTTP Referer from Secure Page
Link: http://www.securityfocus.com/archive/1/348360
Source: www.gadgetopia.com
Link: http://www.gadgetopia.com/2003/12/23/OutlookWebAccessPrivacyHole.html
Source: SREASON
Name: 3989
Link: http://securityreason.com/securityalert/3989
Source: NSFOCUS
Name: 5848
Link: http://www.nsfocus.net/vulndb/5848