CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1319

The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.344

EPSS Ranking 96.8%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2004-1319

Nortel » Ip Softphone 2050 » Version: N/A

cpe:2.3:a:nortel:ip_softphone_2050:-
Nortel » Mobile Voice Client 2050 » Version: N/A

cpe:2.3:a:nortel:mobile_voice_client_2050:-
Nortel » Optivity Telephony Manager » Version: N/A

cpe:2.3:a:nortel:optivity_telephony_manager:-
Microsoft » Windows 2000 » Version: N/A

cpe:2.3:o:microsoft:windows_2000:-
Microsoft » Windows 2000 » Version: beta3

cpe:2.3:o:microsoft:windows_2000:beta3
Microsoft » Windows 2003 Server » Version: enterprise

cpe:2.3:o:microsoft:windows_2003_server:enterprise
Microsoft » Windows 2003 Server » Version: enterprise_64-bit

cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit
Microsoft » Windows 2003 Server » Version: r2

cpe:2.3:o:microsoft:windows_2003_server:r2
Microsoft » Windows 2003 Server » Version: standard

cpe:2.3:o:microsoft:windows_2003_server:standard
Microsoft » Windows 2003 Server » Version: web

cpe:2.3:o:microsoft:windows_2003_server:web
Microsoft » Windows 98 » Version: N/A

cpe:2.3:o:microsoft:windows_98:-
Microsoft » Windows 98se » Version: N/A

cpe:2.3:o:microsoft:windows_98se:-
Microsoft » Windows Me » Version: N/A

cpe:2.3:o:microsoft:windows_me:-
Microsoft » Windows Xp » Version: Any

cpe:2.3:o:microsoft:windows_xp:*
Microsoft » Windows Xp » Version: N/A

cpe:2.3:o:microsoft:windows_xp:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1319

Products

Pricing

Contact Us