Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."
References
Link | Resource |
---|---|
http://secunia.com/secunia_research/2005-9/advisory/ | Vendor Advisory |
http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/ | Exploit |
http://www.microsoft.com/technet/security/advisory/902333.mspx | Vendor Advisory |
http://secunia.com/advisories/15491 | Exploit Vendor Advisory |
http://secunia.com/advisories/15492 | Vendor Advisory |
Configurations
Information
Published : 2005-07-12 21:00
Updated : 2021-07-23 05:55
NVD link : CVE-2005-2274
Mitre link : CVE-2005-2274
JSON object : View
CWE
Products Affected
microsoft
- internet_explorer