Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page that contains a BASE element that points to the legitimate site, followed by an anchor (a) element with an empty "href" attribute, and a FORM whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL.
Score: 0.0
Priority: Unclassified
Score: 0.37165
Percentile:
0.9699
CVSS v2 Score: 7.5
Severity: