Vulnerabilities > CVE-2006-4092 - Unspecified vulnerability in Simpliciti Locked Browser
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Simpliciti Locked Browser does not properly limit a user's actions to ones within the intended Internet Explorer environment, which allows local users to perform unauthorized actions by visiting a web site that executes a JavaScript window.blur loop to remove focus from the browser window, then pressing CTRL-SHIFT-ESC to invoke the Task Manager.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://secunia.com/advisories/21321
- http://securityreason.com/securityalert/1365
- http://www.securityfocus.com/archive/1/442058/100/100/threaded
- http://www.securityfocus.com/archive/1/444026/100/100/threaded
- http://www.securityfocus.com/bid/19304
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28224