CVE-2006-2094

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions prior to Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1

Description The issue allows remote attackers to construct a race condition, tricking a user into clicking an object or pressing keys that are actually applied to a "Yes" approval for executing an ActiveX control. This occurs when the Prompt is configured in Security Settings, and modal dialogs are used to verify user intentions.

Recommendations For Microsoft Internet Explorer versions prior to Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, update to Windows XP Service Pack 2 or Windows Server 2003 Service Pack 1 to resolve the issue.