CVE-2016-7152 in Web BrowserИнформация

Сводка

по MITRE

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Резервировать

06.09.2016

Раскрытие

06.09.2016

Модерация

принято

Вход

Связать

показать

CPE

готов

CWE

CWE-200 (Подтверждённый)

CVSS

5.3 (NVD)

EPSS

0.01253

KEV

Нет

Деятельности

Очень низкий

Сектор

Chemical, Government, ...

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7152
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7152
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7152/

◂ Предыдущий Обзор Далее ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!