CVE-2006-1191 Information

Description

Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the user has navigated to another site.

Reference

http://secunia.com/advisories/18957 http://securitytracker.com/id?1015892 http://www.securityfocus.com/bid/17457 http://www.vupen.com/english/advisories/2006/1318 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013 https://exchange.xforce.ibmcloud.com/vulnerabilities/25555 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1251 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1710