Vulnerabilities > CVE-2001-1410 - Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
microsoft
exploit available
NVD
Published: 2003-08-18
Updated: 2021-07-23

Summary

Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering.

Vulnerable Configurations

Part Description Count
Application
Microsoft
4

Exploit-Db

descriptionMicrosoft Internet Explorer 5/6 JavaScript Interface Spoofing Vulnerability. CVE-2001-1410. Remote exploit for windows platform
idEDB-ID:21127
last seen2016-02-02
modified2001-10-21
published2001-10-21
reporterGeorgi Guninski
sourcehttps://www.exploit-db.com/download/21127/
titleMicrosoft Internet Explorer 5/6 JavaScript Interface Spoofing Vulnerability

References