CVE-2005-2274 Information

Description

Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks aka the \Dialog Origin Spoofing Vulnerability.\

Reference

http://secunia.com/advisories/15491 http://secunia.com/advisories/15492 http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/ http://secunia.com/secunia_research/2005-9/advisory/ http://www.microsoft.com/technet/security/advisory/902333.mspx