HTTP: Internet Explorer Address Bar Spoofing (2)

This signature detects attempts to exploit a known vulnerability in Internet Explorer (IE) 5.0 and 6.0. A successful attack can lead to arbitrary code execution. A spoofing vulnerability exists in IE that allows an attacker to display spoofed content in a browser window. The address bar and other parts of the trusted UI can be displayed from trusted Web sites, but the window content contains the attacker's Web page.

Extended Description

Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192.

References

BugTraq: 17404

CVE: CVE-2006-1626

Short Name
HTTP:STC:IE:ADDRBAR-SPOOF-2
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
(2) Address Bar CVE-2006-1626 Explorer Internet Spoofing bid:17404
Release Date
06/13/2006
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3404
False Positive
Unknown
CVSS Score

4.3
