CVE-2003-1559 Information

Description

Microsoft Internet Explorer 5.22 and other 5 through 6 SP1 versions sends Referer headers containing https:// URLs in requests for http:// URLs which allows remote attackers to obtain potentially sensitive information by reading Referer log data.

Reference

http://securityreason.com/securityalert/3989 http://www.gadgetopia.com/2003/12/23/OutlookWebAccessPrivacyHole.html http://www.securityfocus.com/archive/1/348360 http://www.securityfocus.com/archive/1/348574 http://www.securityfocus.com/bid/9295