Vulnerability Details CVE-2004-1050
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.756
EPSS Ranking 98.8%
CVSS Severity
CVSS v2 Score 10.0
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028009.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028035.html
- http://marc.info/?l=bugtraq&m=109942758911846&w=2
- http://secunia.com/advisories/12959/
- http://www.kb.cert.org/vuls/id/842160
- http://www.securityfocus.com/archive/1/379261
- http://www.securityfocus.com/bid/11515
- http://www.us-cert.gov/cas/techalerts/TA04-315A.html
- http://www.us-cert.gov/cas/techalerts/TA04-336A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-040
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17889
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1294
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028009.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028035.html
- http://marc.info/?l=bugtraq&m=109942758911846&w=2
- http://secunia.com/advisories/12959/
- http://www.kb.cert.org/vuls/id/842160
- http://www.securityfocus.com/archive/1/379261
- http://www.securityfocus.com/bid/11515
- http://www.us-cert.gov/cas/techalerts/TA04-315A.html
- http://www.us-cert.gov/cas/techalerts/TA04-336A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-040
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17889
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1294
Products affected by CVE-2004-1050
-
cpe:2.3:a:avaya:ip600_media_servers:-
-
cpe:2.3:a:avaya:ip600_media_servers:r10
-
cpe:2.3:a:avaya:ip600_media_servers:r11
-
cpe:2.3:a:avaya:ip600_media_servers:r12
-
cpe:2.3:a:avaya:ip600_media_servers:r6
-
cpe:2.3:a:avaya:ip600_media_servers:r7
-
cpe:2.3:a:avaya:ip600_media_servers:r8
-
cpe:2.3:a:avaya:ip600_media_servers:r9
-
cpe:2.3:a:microsoft:ie:6.0
-
cpe:2.3:a:microsoft:internet_explorer:6.0
-
cpe:2.3:h:avaya:definity_one_media_server:-
-
cpe:2.3:h:avaya:definity_one_media_server:r10
-
cpe:2.3:h:avaya:definity_one_media_server:r11
-
cpe:2.3:h:avaya:definity_one_media_server:r12
-
cpe:2.3:h:avaya:definity_one_media_server:r6
-
cpe:2.3:h:avaya:definity_one_media_server:r7
-
cpe:2.3:h:avaya:definity_one_media_server:r8
-
cpe:2.3:h:avaya:definity_one_media_server:r9
-
cpe:2.3:h:avaya:s3400:-
-
cpe:2.3:h:avaya:s8100:-
-
cpe:2.3:h:avaya:s8100:r10
-
cpe:2.3:h:avaya:s8100:r11
-
cpe:2.3:h:avaya:s8100:r12
-
cpe:2.3:h:avaya:s8100:r6
-
cpe:2.3:h:avaya:s8100:r7
-
cpe:2.3:h:avaya:s8100:r8
-
cpe:2.3:h:avaya:s8100:r9
-
cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400