CVE

Id
4213  
CVE No.
CVE-2001-1410  
Status
Candidate  
Description
Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim"s display and conduct unauthorized activities or steal sensitive data via social engineering.  
Phase
Assigned (20030715)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
20015 4213 CVE-2001-1410 BUGTRAQ:20011021 Javascript in IE may spoof the whole screen  View
20016 4213 CVE-2001-1410 URL:http://www.securityfocus.com/archive/1/221883  View
20017 4213 CVE-2001-1410 MISC:http://www.guninski.com/popspoof.html  View
20018 4213 CVE-2001-1410 BUGTRAQ:20030713 IE chromeless window vulnerabilities  View
20019 4213 CVE-2001-1410 URL:http://marc.info/?l=bugtraq&m=105820229407274&w=2  View
20020 4213 CVE-2001-1410 MISC:http://www.doxdesk.com/personal/posts/bugtraq/20030713-ie/  View
20021 4213 CVE-2001-1410 BUGTRAQ:20030715 Internet Explorer Full-Screen mode threats  View
20022 4213 CVE-2001-1410 URL:http://marc.info/?l=bugtraq&m=105829174431769&w=2  View
20023 4213 CVE-2001-1410 MISC:http://www.systemintegra.com/ie-fullscreen/  View
20024 4213 CVE-2001-1410 CERT-VN:VU#490708  View
20025 4213 CVE-2001-1410 URL:http://www.kb.cert.org/vuls/id/490708  View
20026 4213 CVE-2001-1410 XF:ie-javascript-spoof-dialog(7313)  View
20027 4213 CVE-2001-1410 URL:http://xforce.iss.net/xforce/xfdb/7313  View
20028 4213 CVE-2001-1410 BID:3469  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
64186 JVNDB-2001-000160 Microsoft Internet Explorer における Desktop/Download ダイアログが偽装される脆弱性 Microsoft Internet Explorer において、JavaScript の window.createPopup() や popup.show() 関数を不正に利用された場合に、ポップアップウィンドウでデスクトップやダウンロードダイアログの表示を偽装される脆弱性が存在します。 CVE-2001-1410 4213 5 http://jvndb.jvn.jp/ja/contents/2001/JVNDB-2001-000160.html  View