2.6

CVE-2006-1192

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability."  NOTE: this is a different vulnerability than CVE-2006-1626.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftIe Version5.01 Updatewindows_2000_sp4
MicrosoftIe Version6 Editionwindows_xp_professional_64bit
MicrosoftIe Version6 Updatesp1 Editionwindows_xpsp1
MicrosoftIe Version6 Updatewindows_2000_sp4
MicrosoftIe Version6 Updatewindows_server_2003_sp1
MicrosoftIe Version6 Updatewindows_server_2003_sp1_itanium_systems
MicrosoftIe Version6 Updatewindows_xp_sp2
MicrosoftInternet Explorer Version6 Updatesp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 31.47% 0.981
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:N/I:P/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/18957
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2006/1318
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013
http://securityreason.com/securityalert/670
http://securitytracker.com/id?1015899
Patch
http://www.securityfocus.com/bid/17460
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/25557
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1336
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1498
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1645
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1725
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1740