Win2K/XP,SP1 File Download Dialog Box Manipulation VulnerabilityID: oval:org.mitre.oval:def:1505 | Date: (C)2005-12-13 (M)2021-07-27 |
Class: VULNERABILITY | Family: windows |
Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the display of the file download box until the user hits a shortcut that activates the "Run" button, aka "File Download Dialog Box Manipulation Vulnerability."
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Product: |
Microsoft Internet Explorer |