It's possible to spoof modal dialog content. This problem is only significant for Windows proir to Windows XP SP2 / Windows 2003 SP1.
vulners.com/securityvulns/securityvulns:doc:12437