Internet Explorer 6 and previous versions allows remote malicious users to create chromeless windows using the Javascript window.createPopup method, which could allow malicious users to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 5.5 |
||
microsoft internet explorer 6.0 |