4

CVE-2006-1191

Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window, which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the user has navigated to another site.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftInternet Explorer Version5.01
MicrosoftInternet Explorer Version5.1
MicrosoftInternet Explorer Version5.5
MicrosoftInternet Explorer Version6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 31.62% 0.981
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 4.9 4.9
AV:N/AC:H/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/18957
http://www.vupen.com/english/advisories/2006/1318
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013
http://securitytracker.com/id?1015892
http://www.securityfocus.com/bid/17457
https://exchange.xforce.ibmcloud.com/vulnerabilities/25555
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1251
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1710