Lucene search

[email protected]CVE-2006-1626

HistoryApr 05, 2006 - 10:04 a.m.

CVE-2006-1626

2006-04-0510:04:00

CWE-20

[email protected]

web.nvd.nist.gov

internet explorer

address bar spoofing

phishing

cve-2006-1626

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.951 High

EPSS

Percentile

99.3%

JSON

Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192.

Affected configurations

NVD

Node

microsoftinternet_explorerMatch6.0

AND

microsoftwindows_xpsp2

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq6.0

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	6.0

References

secunia.com/advisories/19521

secunia.com/Internet_Explorer_Address_Bar_Spoofing_Vulnerability_Test/

securitytracker.com/id?1016291

www.securityfocus.com/archive/1/429719/100/0/threaded

www.securityfocus.com/archive/1/429891/100/0/threaded

www.securityfocus.com/archive/1/440851/100/100/threaded

www.securityfocus.com/bid/17404

www.vupen.com/english/advisories/2006/1218

www.vupen.com/english/advisories/2006/2319

docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-021

exchange.xforce.ibmcloud.com/vulnerabilities/25634

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1600

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1604

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1806

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1842

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1881

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1918

Social References

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.951 High

EPSS

Percentile

99.3%

JSON

Related for CVE-2006-1626

prion2 nvd2 cve1 cvelist2 checkpoint_advisories1 nessus2 securityvulns2 mskb1