Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS proxy server that requires Basic Authentication, sends URLs in cleartext, which allows remote attackers to obtain sensitive information, aka “HTTPS Proxy Vulnerability.”
secunia.com/advisories/15368
secunia.com/advisories/18064
secunia.com/advisories/18311
securitytracker.com/id?1015350
support.avaya.com/elmodocs2/security/ASA-2005-234.pdf
www.securityfocus.com/bid/15825
www.vupen.com/english/advisories/2005/2867
www.vupen.com/english/advisories/2005/2909
www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420
docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054
exchange.xforce.ibmcloud.com/vulnerabilities/23451
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1097
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1101
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1143
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1317
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1435
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1521