Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim’s display and conduct unauthorized activities or steal sensitive data via social engineering.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Internet_explorer | Microsoft | 5.5 | 5.5 |
Internet_explorer | Microsoft | 6.0 | 6.0 |
Internet_explorer | Microsoft | 5.5 | 5.5 |
Internet_explorer | Microsoft | 5.5 | 5.5 |