CVE-2005-2274low
Description
Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."
References
http://secunia.com/secunia_research/2005-9/advisory/
http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/
http://www.microsoft.com/technet/security/advisory/902333.mspx
Details
Source: MITRE
Published: 2005-07-13
Updated: 2021-07-23
Type: NVD-CWE-Other
Risk Information
CVSS v2
Base Score: 2.6
Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N
Impact Score: 2.9
Exploitability Score: 4.9
Severity: LOW