CVEDB API

Vulnerability Details CVE-2004-0839

Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".

Exploit prediction scoring system (EPSS) score

EPSS Score 0.388

EPSS Ranking 97.0%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2004-0839

Avaya » Ip600 Media Servers » Version: N/A

cpe:2.3:a:avaya:ip600_media_servers:-
Avaya » Ip600 Media Servers » Version: r10

cpe:2.3:a:avaya:ip600_media_servers:r10
Microsoft » Ie » Version: 6.0

cpe:2.3:a:microsoft:ie:6.0
Microsoft » Internet Explorer » Version: 5.0.1

cpe:2.3:a:microsoft:internet_explorer:5.0.1
Microsoft » Internet Explorer » Version: 5.5

cpe:2.3:a:microsoft:internet_explorer:5.5
Microsoft » Internet Explorer » Version: 6.0

cpe:2.3:a:microsoft:internet_explorer:6.0
Nortel » Ip Softphone 2050 » Version: N/A

cpe:2.3:a:nortel:ip_softphone_2050:-
Nortel » Mobile Voice Client 2050 » Version: N/A

cpe:2.3:a:nortel:mobile_voice_client_2050:-
Nortel » Optivity Telephony Manager » Version: N/A

cpe:2.3:a:nortel:optivity_telephony_manager:-
Nortel » Symposium Web Centre Portal » Version: N/A

cpe:2.3:a:nortel:symposium_web_centre_portal:-
Nortel » Symposium Web Client » Version: N/A

cpe:2.3:a:nortel:symposium_web_client:-
Avaya » Definity One Media Server » Version: N/A

cpe:2.3:h:avaya:definity_one_media_server:-
Avaya » Definity One Media Server » Version: r10

cpe:2.3:h:avaya:definity_one_media_server:r10
Avaya » Definity One Media Server » Version: r9

cpe:2.3:h:avaya:definity_one_media_server:r9
Avaya » S3400 » Version: N/A

cpe:2.3:h:avaya:s3400:-
Avaya » S8100 » Version: N/A

cpe:2.3:h:avaya:s8100:-
Avaya » Modular Messaging Message Storage Server » Version: 1.1

cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1
Avaya » Modular Messaging Message Storage Server » Version: 2.0

cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0
Microsoft » Windows 2000 » Version: N/A

cpe:2.3:o:microsoft:windows_2000:-
Microsoft » Windows 2000 » Version: beta3

cpe:2.3:o:microsoft:windows_2000:beta3
Microsoft » Windows 2003 Server » Version: enterprise

cpe:2.3:o:microsoft:windows_2003_server:enterprise
Microsoft » Windows 2003 Server » Version: enterprise_64-bit

cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit
Microsoft » Windows 2003 Server » Version: r2

cpe:2.3:o:microsoft:windows_2003_server:r2
Microsoft » Windows 2003 Server » Version: standard

cpe:2.3:o:microsoft:windows_2003_server:standard
Microsoft » Windows 2003 Server » Version: web

cpe:2.3:o:microsoft:windows_2003_server:web
Microsoft » Windows 98 » Version: N/A

cpe:2.3:o:microsoft:windows_98:-
Microsoft » Windows 98se » Version: N/A

cpe:2.3:o:microsoft:windows_98se:-
Microsoft » Windows Me » Version: N/A

cpe:2.3:o:microsoft:windows_me:-
Microsoft » Windows Xp » Version: Any

cpe:2.3:o:microsoft:windows_xp:*
Microsoft » Windows Xp » Version: N/A

cpe:2.3:o:microsoft:windows_xp:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0839

Products

Pricing

Contact Us