| Secunia Advisory:
|
SA30145
|
|
|
Release Date:
|
2008-05-12
|
|
|
Critical:
|
Not critical
|
|
Impact:
|
Security Bypass
Exposure of sensitive information
|
|
Where:
|
Local system
|
|
Solution Status:
|
Unpatched
|
|
| Software: | Microsoft Internet Explorer 7.x |
Description:
A weakness has been reported in Internet
Explorer, which may result in potentially sensitive information being
inadvertently saved on a system.
Internet Explorer supports the "DisableCachingOfSSLPages" option, which
is supposed to prevent encrypted web pages from being saved to disk.
However, an error may result in encrypted web pages being cached
regardless of the setting being enabled or not.
Solution:
Do not rely on the "DisableCachingOfSSLPages" option.
Provided and/or discovered by:
Bill Knox, MITRE.
Original Advisory:
US-CERT VU#468843:
http://www.kb.cert.org/vuls/id/468843
|
