Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0799

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2006-0799
Last Modified 05 Sep 2008 05:00:14
Published 19 Feb 2006 04:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-0799

Summary

Microsoft Internet Explorer allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL. NOTE: this issue is very similar to CVE-2004-1104, although the manipulations are slightly different.

Vulnerable Systems

Application

  • Microsoft Ie 6.0.2900


References

BUGTRAQ - 20060223 Re: Internet Explorer Phishing mouseover issue

BUGTRAQ - 20060218 Re: Internet Explorer Phishing mouseover issue

BUGTRAQ - 20060216 Internet Explorer Phishing mouseover issue

XF - ie-ahref-status-spoofing(17938)

OSVDB - 23609


Last Updated: 27 May 2016 10:41:48