CVE-2006-1626 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-1626
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1626

Description: Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25634 ST 1016291 SAID Secunia Advisory: SA19521 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1918 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1881 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1806 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1842 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1604 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1600 MS http://www.microsoft.com/technet/security/bulletin/ms06-021.mspx MISC http://secunia.com/Internet_Explorer_Address_Bar_Spoofing_Vulnerability_Test/ BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/440851/100/100/threaded http://www.securityfocus.com/archive/1/archive/1/429891/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/429719/100/0/threaded BID 17404

Return to the previous page.