Microsoft IE Script Initiated Popup Title Bar Spoofing
Remote / Network Access
Loss of Confidentiality
Internet Explorer for Windows XP SP2 contains a flaw that may allow a malicious user to force a popup with a spoofed titlebar. The issue is triggered when an overly long hostname is used occurs. It is possible that the flaw may allow a malicious web site to trick a user into entering sensitive information in a popup placed over a trusted site resulting in a loss of confidentiality.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.