Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2004-08-18 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-2004-0839
Mitre link : CVE-2004-0839
CVE.ORG link : CVE-2004-0839
JSON object : View
Products Affected
avaya
- ip600_media_servers
- s8100
- s3400
- modular_messaging_message_storage_server
- definity_one_media_server
nortel
- mobile_voice_client_2050
- symposium_web_client
- ip_softphone_2050
- symposium_web_centre_portal
- optivity_telephony_manager
microsoft
- windows_xp
- internet_explorer
- windows_98se
- windows_me
- windows_2003_server
- windows_98
- windows_2000
- ie
CWE