Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
20 Nov 2024, 23:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028009.html - | |
References | () http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028035.html - | |
References | () http://marc.info/?l=bugtraq&m=109942758911846&w=2 - | |
References | () http://secunia.com/advisories/12959/ - | |
References | () http://www.kb.cert.org/vuls/id/842160 - Third Party Advisory, US Government Resource | |
References | () http://www.securityfocus.com/archive/1/379261 - | |
References | () http://www.securityfocus.com/bid/11515 - | |
References | () http://www.us-cert.gov/cas/techalerts/TA04-315A.html - US Government Resource | |
References | () http://www.us-cert.gov/cas/techalerts/TA04-336A.html - US Government Resource | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-040 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17889 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1294 - |
Information
Published : 2004-12-31 05:00
Updated : 2024-11-20 23:49
NVD link : CVE-2004-1050
Mitre link : CVE-2004-1050
CVE.ORG link : CVE-2004-1050
JSON object : View
Products Affected
avaya
- definity_one_media_server
- s3400
- modular_messaging_message_storage_server
- ip600_media_servers
- s8100
microsoft
- internet_explorer
- ie
CWE