What is QID 100027 - IE Browser Window Without Origin Indication May Facilitate Phishing?

Document created by kb-author-1 Employee on May 19, 2010Last modified by eschamp on Jul 16, 2010
Version 3Show Document
  • View in full screen mode

Issue:

QID 100027 - Internet Explorer Browser Windows Without Origin Indication May Facilitate Phishing was posted in my recent scan. I am not sure what this is or if I have it. What do I need to do?

 

Solution:

This vulnerability is known to affect IE and their processing of JavaScript. JavaScript dialog boxes do not display or include their origin, which allows a new window to open and that window appears to be from the trusted site.

 

To manually test for QID 100027, visit the following web site:

 

http://secunia.com/advisories/15491/

 

 

 

 

Qualys Support KnowledgeBase

http://community.qualys.com/community/kb

 

 

 

ID:  0001.001.613.000

Attachments

    Outcomes