CVE-2006-1192

Microsoft Internet Explorer <6 - CSRF

Title source: llm

Description

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626.

Exploits (1)

exploitdb WORKING POC

htmldoswindows

https://www.exploit-db.com/exploits/1838

View on exploitdb

References (12)

[Patch, Vendor Advisory] http://secunia.com/advisories/18957

[Patch] http://securitytracker.com/id?1015899

[Patch] http://www.securityfocus.com/bid/17460

[Vendor Advisory] http://www.vupen.com/english/advisories/2006/1318

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/25557

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1336

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1498

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1645

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1725

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1740

[Third Party Advisory] http://securityreason.com/securityalert/670

Scores

EPSS 0.3014

EPSS Percentile 96.6%

Classification

CWE

CWE-20

Status draft

Affected Products (9)

microsoft/ie

microsoft/ie

microsoft/ie

microsoft/ie

microsoft/ie

microsoft/ie

microsoft/ie

microsoft/internet_explorer

canon/network_camera_server_vb101

Timeline

Published Apr 11, 2006

Tracked Since Feb 18, 2026