Microsoft IE Page Redirect Authentication Credential Leak
Remote / Network Access
Loss of Confidentiality
Internet Explorer contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a web site requests a user name and password and then redirects the user to a second web page, which may allow the second web page to capture the requested authentication information resulting in a loss of confidentiality.
Upgrade to version 4.01 Service Pack 1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.