CVE-2006-4092 : Simpliciti Locked Browser does not properly limit a user's actions to ones withi

Simpliciti Locked Browser does not properly limit a user's actions to ones within the intended Internet Explorer environment, which allows local users to perform unauthorized actions by visiting a web site that executes a JavaScript window.blur loop to remove focus from the browser window, then pressing CTRL-SHIFT-ESC to invoke the Task Manager.

Published 2006-08-11 10:04:00

Updated 2018-10-17 21:33:21

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2006-4092

Simpliciti » Locked Browser
cpe:2.3:a:simpliciti:locked_browser:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-4092

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 18 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-4092

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
3.6	LOW	AV:L/AC:L/Au:N/C:P/I:P/A:N	3.9	4.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None

References for CVE-2006-4092

Jump to

Vulnerability Details : CVE-2006-4092

Products affected by CVE-2006-4092

Exploit prediction scoring system (EPSS) score for CVE-2006-4092

CVSS scores for CVE-2006-4092

References for CVE-2006-4092