CVE-2006-1192

2006-04-1123:02:00

CWE-20

[email protected]

web.nvd.nist.gov

microsoft

internet explorer

phishing

spoofing

address bar

trust ui

vulnerability

nvd

cve-2006-1192

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

Low

0.951 High

EPSS

Percentile

99.3%

JSON

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow “window content to persist” after the user has navigated to another site, aka the “Address Bar Spoofing Vulnerability.” NOTE: this is a different vulnerability than CVE-2006-1626.

Affected configurations

NVD

Node

microsoftieMatch5.01windows_2000_sp4

microsoftieMatch6windows_xp_professional_64bit

microsoftieMatch6sp1windows_xpsp1

microsoftieMatch6windows_2000_sp4

microsoftieMatch6windows_server_2003_sp1

microsoftieMatch6windows_server_2003_sp1_itanium_systems

microsoftieMatch6windows_xp_sp2

microsoftinternet_explorerMatch6sp1

canonnetwork_camera_server_vb101

CPENameOperatorVersion
microsoft:iemicrosoft ieeq5.01
microsoft:iemicrosoft ieeq6
microsoft:internet_explorermicrosoft internet explorereq6
canon:network_camera_server_vb101canon network camera server vb101eq*

CPE	Name	Operator	Version
microsoft:ie	microsoft ie	eq	5.01
microsoft:ie	microsoft ie	eq	6
microsoft:internet_explorer	microsoft internet explorer	eq	6
canon:network_camera_server_vb101	canon network camera server vb101	eq	*