CVE-2016-7152 in Web Browserinformación

Resumen

por MITRE

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

2016-09-06

Divulgación

2016-09-06

Moderación

aceptado

Artículo

Relacionar

mostrar

CPE

listo

CWE

CWE-200 (confirmado)

CVSS

5.3 (NVD)

EPSS

0.01253

KEV

Actividades

muy bajo

Sector

Agriculture, Finance, ...

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7152
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7152
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7152/

◂ Anterior Visión De Conjunto Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!