CVE-2006-1192

EPSS 30.14%
Published 11.04.2006 23:02:00
Last modified 03.04.2025 01:03:51
Source secure@microsoft.com
Teams watchlist Login
Open Login

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability."  NOTE: this is a different vulnerability than CVE-2006-1626.

Affected products Warnungen 0 Metrics 2 CWE 1 References 15

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Ie Version5.01 Updatewindows_2000_sp4

Microsoft ≫ Ie Version6 Editionwindows_xp_professional_64bit

Microsoft ≫ Ie Version6 Updatesp1 Editionwindows_xpsp1

Microsoft ≫ Ie Version6 Updatewindows_2000_sp4

Microsoft ≫ Ie Version6 Updatewindows_server_2003_sp1

Microsoft ≫ Ie Version6 Updatewindows_server_2003_sp1_itanium_systems

Microsoft ≫ Ie Version6 Updatewindows_xp_sp2

Microsoft ≫ Internet Explorer Version6 Updatesp1

Canon ≫ Network Camera Server Vb101

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	30.14%	0.965

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:N/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/18957

Patch

Vendor Advisory

http://www.vupen.com/english/advisories/2006/1318

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013

http://securityreason.com/securityalert/670

http://securitytracker.com/id?1015899

Patch

http://www.securityfocus.com/bid/17460

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/25557