Microsoft Internet Explorer OnUnload Javascript Browser Entrapment Vulnerability

Microsoft Internet Explorer OnUnload Javascript Browser Entrapment Vulnerability

Microsoft Internet Explorer is prone to a vulnerability that allows attackers to trap users at a particular webpage and spoof page transitions.

Attackers may exploit this via a malicious page to spoof the contents and origin of a page that the victim may trust. This vulnerability may be useful in phishing or other attacks that rely on content spoofing.

NOTE: Mozilla Firefox is likely prone to a variation of this vulnerability. We will update this BID as more information emerges.

Internet Explorer 6 and 7 are confirmed vulnerable to this issue.