|
|
CVE Reference: CVE-2007-5355 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-5355 |
|
|
Description: The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet Explorer 6 and 7, when a primary DNS suffix with three or more components is configured, resolves an unqualified wpad hostname in a second-level domain outside this configured DNS domain, which allows remote WPAD servers to conduct man-in-the-middle (MITM) attacks. |
|
|
CVE Status: Candidate |
|
|
References: ST 1019033 SAID Secunia Advisory: SA27901 MSKB http://support.microsoft.com/kb/945713 CONFIRM http://www.microsoft.com/technet/security/advisory/945713.mspx BID 26686 |
|
| Return to the previous page. |
