Unrated severityNVD Advisory· Published Jul 13, 2005· Updated Apr 16, 2026

CVE-2005-2274

Description

Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."

Affected products

Microsoft/Internet Explorer2 versions
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
- (no CPE)range: =6.0

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/15491nvdExploitVendor Advisory
secunia.com/multiple_browsers_dialog_origin_vulnerability_test/nvdExploit
secunia.com/advisories/15492nvdVendor Advisory
secunia.com/secunia_research/2005-9/advisory/nvdVendor Advisory
www.microsoft.com/technet/security/advisory/902333.mspxnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.008
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000