Vulnerability in N/a
CVE-2001-1410
Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal se…
EPSS: 0.616 (98.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 20030713 IE chromeless window vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
- ie-javascript-spoof-dialog(7313) (vdb-entry, x_refsource_XF)
- 3469 (vdb-entry, x_refsource_BID)
- 20030715 Internet Explorer Full-Screen mode threats (mailing-list, x_refsource_BUGTRAQ)
- www.systemintegra.com/ie-fullscreen/ (x_refsource_MISC)
- VU#490708 (x_refsource_CERT-VN, third-party-advisory)
- 20011021 Javascript in IE may spoof the whole screen (mailing-list, x_refsource_BUGTRAQ)
- www.guninski.com/popspoof.html (x_refsource_MISC)
- www.doxdesk.com/personal/posts/bugtraq/20030713-ie/ (x_refsource_MISC)