Flash Address Bar Spoofing Vulnerability (WinS03)ID: oval:org.mitre.oval:def:1806 | Date: (C)2006-06-14 (M)2021-09-11 |
Class: VULNERABILITY | Family: windows |
Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192.
Platform: |
Microsoft Windows Server 2003 |
Product: |
Microsoft Internet Explorer |