CVE-2006-5913

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 7

Description The issue allows remote attackers to manipulate the security certificate of a secure web site, making it appear invalid, or to trigger a report stating that the webpage no longer exists. This can be achieved through specific links, such as res://ieframe.dll/sslnavcancel.htm or res://ieframe.dll/http 410.htm, which can display the site's URL in the address bar but cause Internet Explorer to report that the certificate is invalid.

Recommendations For Microsoft Internet Explorer version 7, consider avoiding the use of links that could trigger the invalid certificate report or the "The webpage no longer exists" message until a fix is available. As a temporary workaround, restrict access to the res://ieframe.dll/ module to minimize the risk of exploitation.