Description
Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.
Affected products
- Microsoft / ie4.0 – 4.0
- Microsoft / ie4.0 – 4.0
- Microsoft / ie4.0.1 – 4.0.1
- Microsoft / ie4.0.1 – 4.0.1
- Microsoft / ie4.0.1 – 4.0.1
- Microsoft / ie5 – 5
- Microsoft / ie5.0 – 5.0
- Microsoft / ie5.0 – 5.0
- Microsoft / ie5.0 – 5.0
- Microsoft / ie5.0.1 – 5.0.1
- Microsoft / ie5.0.1 – 5.0.1
- Microsoft / ie5.0.1 – 5.0.1
- Microsoft / ie5.0.1 – 5.0.1
- Microsoft / internet_explorer4.0 – 4.0
References
- MISChttp://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/4624
- VENDOR_ADVISORYhttp://www.cert.org/advisories/CA-2000-10.html
- MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039
- MISChttp://www.securityfocus.com/bid/1309