CVE-2006-0799 — Microsoft Internet Explorer vulnerability

2 documents2 sources

Severity

4.0MEDIUMNVD

EPSS

15.0%

top 5.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedFeb 19

Latest updateMay 1

Description

Microsoft Internet Explorer allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL. NOTE: this issue is very similar to CVE-2004-1104, although the manipulations are slightly different.

CVSS vector

AV:N/AC:H/C:P/I:P/A:NExploitability: 4.9 | Impact: 4.9

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer6.0.2900

🔴Vulnerability Details

GHSA

GHSA-pp5h-86c8-pfvc: Microsoft Internet Explorer allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an a↗2022-05-01

▶