Deane has reported a security issue in Internet Explorer for Mac, which potentially can disclose sensitive information.
URL information is included in the "Referer:" header field when another site is visited by following a link from a secure site using HTTPS. This behaviour contradicts the specified behaviour in RFC 2616, Section 15.1.3 and may disclose sensitive information in an URL from a secure site.
The issue has been reported in version 5.22. Other versions may also be affected.
Solution: Don't follow links to other sites from a secure site, if the URL contains sensitive information.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com
Subject: Internet Explorer for Mac Disclosure of Referer Information Weakness
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.