Vulnerabilities > CVE-2006-0799 - Unspecified vulnerability in Microsoft Internet Explorer 6.0.2900

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

microsoft

NVD

Published: 2006-02-19

Updated: 2021-07-23

Summary

Microsoft Internet Explorer allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL. NOTE: this issue is very similar to CVE-2004-1104, although the manipulations are slightly different.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 6.0.2900	1

References

http://www.osvdb.org/23609
https://exchange.xforce.ibmcloud.com/vulnerabilities/17938
http://www.securityfocus.com/archive/1/425883/100/0/threaded
http://www.securityfocus.com/archive/1/425386/100/0/threaded
http://www.securityfocus.com/archive/1/425298/100/0/threaded