Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2384

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-2384
Last Modified 07 Mar 2011 09:36:06
Published 13 Jun 2006 03:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2384

Summary

Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious site, aka the "Address Bar Spoofing Vulnerability."

Vulnerable Systems

Application

  • Microsoft Ie 5.01

  • Microsoft Ie 6.0


References

XF - ie-address-bar-spoof(26777)

VUPEN - ADV-2006-2319

BID - 18321

OSVDB - 26445

MS - MS06-021

SECTRACK - 1016291

SECUNIA - 20595


Last Updated: 27 May 2016 10:42:26