File Download Dialog Box Manipulation Vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6

File Download Dialog Box Manipulation Vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6

CVE-2005-2829 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the display of the file download box until the user hits a shortcut that activates the "Run" button, aka "File Download Dialog Box Manipulation Vulnerability."

Learn more about our User Device Pen Test.