CVE-2006-1626
published 2006-04-05


Priority: P425
Severity: medium, 4.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
EXPLOIT
EPSS: 25.28% (97.7th percentile)

Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192.

Affected

4 ranges

Vendor     Product            Version range  Fixed in
microsoft  ie
microsoft  ie
microsoft  internet_explorer
microsoft  internet_explorer

Detection & IOCs (extracted from sources)

  • CVE-2006-1626 involves address-bar spoofing in Internet Explorer by displaying a trusted URI in the address bar while running an attacker-supplied Macromedia Flash application — monitor for Flash content loaded in IE that coincides with address bar URI mismatches or cross-domain property access attempts.
  • CVE-2006-1626 is explicitly noted as a DIFFERENT vulnerability from CVE-2006-1192 (Address Bar Spoofing via window content persistence); do not conflate the two when writing detection rules.