Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a body element containing an onclick tag, as demonstrated using the createElement function.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ie | Microsoft | 6.0-sp2 (including) | 6.0-sp2 (including) |