Vulnerability Details : CVE-2005-2830

Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS proxy server that requires Basic Authentication, sends URLs in cleartext, which allows remote attackers to obtain sensitive information, aka "HTTPS Proxy Vulnerability."

Published 2005-12-14 11:03:00

Updated 2021-07-23 12:55:04

Source Microsoft Corporation

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2005-2830

Probability of exploitation activity in the next 30 days: 96.87%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2005-2830

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	[email protected]
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2005-2830

Products affected by CVE-2005-2830

Microsoft » IE » Version: 6.0 Update SP1
cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
Matching versions
Microsoft » Internet Explorer » Version: 5.5 Update SP2
cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Internet Explorer » Version: 5.0.1 Update SP4
cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
Matching versions
Microsoft » Internet Explorer » Version: 6.0
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
Matching versions