Vulnerabilities > CVE-2000-0982 - Unspecified vulnerability in Microsoft Internet Explorer

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2000-12-19

Updated: 2021-07-23

Summary

Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 4.0 Microsoft Internet Explorer 4.0.1 Microsoft Internet Explorer 5.01 Microsoft Internet Explorer 4.1 Microsoft Internet Explorer 5.0	5

References

http://www.securityfocus.com/bid/1793
http://www.acrossecurity.com/aspr/ASPR-2000-07-22-2-PUB.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/5367
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-076