CVE-2006-2094

CVE-2006-2094 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a "Yes" approval for executing the control.

Learn more about our Cis Benchmark Audit For Server Software.