CVE-2000-0982 — Microsoft Internet Explorer vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

10.2%

top 6.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedDec 19

Latest updateApr 30

Description

Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer5 versions+4

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-cjx3-6mg3-8jgm: Internet Explorer before 5↗2022-04-30

▶

💥Exploits & PoCs

Exploit-DB

Microsoft SQL Server 2000 - sp_MScopyscript SQL Injection↗2002-07-25

▶