First published: Fri Sep 10 1999(Updated: )
Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Site Server | =3.0 | |
Microsoft Commercial Internet System | =2.0 | |
Microsoft Site Server Commerce | =3.0-alpha | |
Microsoft Commercial Internet System | =2.5 | |
=2.0 | ||
=2.5 | ||
=3.0 | ||
=3.0-alpha |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.