2003-07-17 04:00:00
mitre
PUBLISHED
Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victims display and conduct unauthorized activities or steal sensitive data via social engineering.