CVE-2006-4092

low

Description

Simpliciti Locked Browser does not properly limit a user's actions to ones within the intended Internet Explorer environment, which allows local users to perform unauthorized actions by visiting a web site that executes a JavaScript window.blur loop to remove focus from the browser window, then pressing CTRL-SHIFT-ESC to invoke the Task Manager.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/28224

http://www.securityfocus.com/bid/19304

http://www.securityfocus.com/archive/1/444026/100/100/threaded

http://www.securityfocus.com/archive/1/442058/100/100/threaded

http://securityreason.com/securityalert/1365

http://secunia.com/advisories/21321

Details

Source: Mitre, NVD

Published: 2006-08-11

Updated: 2026-04-16

Risk Information

CVSS v2

Base Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:N

Severity: Low

CVSS v3

Base Score: 3.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Severity: Low

EPSS

EPSS: 0.00068