| Revision Date: | 2011-05-16 | Version: | 45 |
| Title: | Flash Address Bar Spoofing Vulnerability (WinS03) |
| Description: | Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192. |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2006-1626
|
| Platform(s): | Microsoft Windows Server 2003
| Product(s): | Microsoft Internet Explorer
|
| Definition Synopsis |
| Windows Server 2003 is installed AND NOT Win2K/XP/2003 is patched
AND the version of mshtml.dll is less than 6.0.3790.536
|