05 Sep 2016
CVE-2016-7152 Vulnerability
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack. (CVSS:5.0) (Last Update:2016-09-06)
Vulnerability Details : The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack. Publish Date : 2016-09-06 Last Update Date : 2016-09-06 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2016-7152
- Number Of Affected Versions By Product
- References For CVE-2016-7152 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-7152There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |