Internet Explorer 5.01 up to and including 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote malicious user to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 5.5 |
||
microsoft internet explorer 5.0.1 |
||
microsoft internet explorer 6.0 |
||
microsoft ie 6.0 |