Phishing Vulnerability in Microsoft Internet Explorer 5.01 to 6
CVE-2006-1192

Currently unrated

Key Information:

Vendor: Microsoft
Status: Ie; Network Camera Server Vb101; Internet Explorer
Vendor: CVE Published:; 11 April 2006

Summary

Microsoft Internet Explorer versions 5.01 through 6 are vulnerable to an address bar spoofing issue that permits remote attackers to mislead users into thinking they are on a trusted website. This occurs by allowing the persistent display of malicious window content which can replace the legitimate site’s appearance, facilitating phishing attacks and compromising user data security. Users who navigate to a different site after being exposed to a malicious window could be deceived into entering sensitive information, thinking they are interacting with a legitimate web interface.

References

http://secunia.com/advisories/18957

third-party-advisoryx_refsource_SECUNIA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://securityreason.com/securityalert/670

third-party-advisoryx_refsource_SREASON

EPSS Score

33% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 11, 2006
Vulnerability Reserved
Mar 13, 2006