Vulnerability CVE-2009-2064 - CERT Civis.Net

Vulnerability Name:

CVE-2009-2064 (CCN-51186)

Assigned:

2009-05-01

Published:

2009-05-01

Updated:

2018-10-30

Summary:

Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2009-2064

Source: CCN
Type: Microsoft Research Web site
Pretty-Bad-Proxy: An Overlooked Adversary in Browsers HTTPS Deployments

Source: MISC
Type: UNKNOWN
http://research.microsoft.com/apps/pubs/default.aspx?id=79323

Source: MISC
Type: UNKNOWN
http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf

Source: CCN
Type: Microsoft Web site
Microsoft Internet Explorer

Source: CCN
Type: OSVDB ID: 56485
Microsoft IE iFrame HTTP / HTTPS Content Detection Weakness

Source: BID
Type: UNKNOWN
35403

Source: CCN
Type: BID-35403
Multiple Browser HTTP Resource in HTTPS Context Security Bypass Vulnerability

Source: XF
Type: UNKNOWN
ie-https-security-bypass(51186)

Source: XF
Type: UNKNOWN
ie-https-security-bypass(51186)

Vulnerable Configuration:

Configuration 1:

cpe:/a:microsoft:internet_explorer:5:*:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:6:*:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:6:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:7:*:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:7.0.5730:*:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:8:*:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:8:beta1:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:*:beta2:*:*:*:*:*:* (Version <= 8)

OR cpe:/a:microsoft:internet_explorer:8.0b:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:1.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:1.1:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:2.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:3.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:4.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:2002:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:2003:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:ie:6.0:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:3.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*

OR cpe:/a:microsoft:ie:6.0:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:1.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:1.1:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:2.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:4.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:2002:*:*:*:*:*:*:*

OR cpe:/a:microsoft:pocket_ie:2003:*:*:*:*:*:*:*

OR cpe:/a:microsoft:ie:8.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:internet_explorer:7.0.5730:unknown:gold:*:*:*:*:*

OR cpe:/a:microsoft:ie:8.0b:*:*:*:*:*:*:*

Denotes that component is vulnerable