CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1686

Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to bypass the Information Bar prompt for ActiveX and Javascript via an XHTML page that contains an Internet Explorer formatted comment between the DOCTYPE tag and the HTML tag, as demonstrated using the DesignScience MathPlayer ActiveX plugin.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.103

EPSS Ranking 95.1%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=109539520310153&w=2
http://www.securityfocus.com/bid/11200
https://exchange.xforce.ibmcloud.com/vulnerabilities/20617
http://marc.info/?l=bugtraq&m=109539520310153&w=2
http://www.securityfocus.com/bid/11200
https://exchange.xforce.ibmcloud.com/vulnerabilities/20617

Products affected by CVE-2004-1686

Microsoft » Ie » Version: 6.0

cpe:2.3:a:microsoft:ie:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1686

Products

Pricing

Contact Us