Synopsis
The remote host is vulnerable to a script injection attack.
Description
The remote host is running Internet Explorer 6 SV1, the version that is part of Windows XP SP2. It is reported that the user confirmation asked before to load client-side JavaScript and ActiveX embedded in web pages can be trivially bypassed. An attacker may run malicious script on the remote host.
Solution
Upgrade or patch according to vendor recommendations.
Plugin Details
Risk Information
Vector: CVSS2#AV:A/AC:M/Au:N/C:N/I:P/A:N