CVE-2016-7152 in Web Browserالمعلومات

الملخص

بحسب MITRE

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

06/09/2016

إفشاء

06/09/2016

الاعتدال

تمت الموافقة

إدخال

ربط

عرض

CPE

جاهز

CWE

CWE-200 (مؤكد)

CVSS

5.3 (NVD)

EPSS

0.01253

KEV

لا

النشاطات

منخفض جدًا

القطاع

Education, Industry, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7152
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7152
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7152/

التالي ▸نظرة عامة ◂ السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!