Executive Summary
Summary | |
---|---|
Title | Microsoft Internet Explorer 7 DisableCachingOfSSLPages may not prevent caching |
Informations | |||
---|---|---|---|
Name | VU#468843 | First vendor Publication | 2008-05-09 |
Vendor | VU-CERT | Last vendor Modification | 2008-05-09 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 2.1 | Attack Range | Local |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#468843Microsoft Internet Explorer 7 DisableCachingOfSSLPages may not prevent cachingOverviewSetting the Internet Explorer 7 option DisableCachingOfSSLPages may not prevent the caching of SSL-enabled web pages.I. DescriptionAdministrators and users can set the Internet Explorer DisableCachingOfSSLPages option to prevent sensitive or private data from being saved to disk. The registry key for this setting is:HKCUSoftwareMicrosoftWindowsCurrentVersionInternetSettingsDisableCachingOfSSLPages II. ImpactPrivate or sensitive data may be written to disk inadvertently.III. SolutionWe are currently unaware of a practical solution to this problem.Secure deletion
References
Thanks to Bill KNox from MITRE for reporting this vulnerability. This document was written by Ryan Giobbi.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/468843 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-200 | Information Exposure |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44973 | Microsoft IE DisableCachingOfSSLPages SSL Page Caching Persistence |