Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2004-0526 | First vendor Publication | 2004-08-06 |
Vendor | Cve | Last vendor Modification | 2021-07-23 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0526 |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
6538 | Microsoft IE/Outlook ImageMap URL Spoofing Internet Explorer contains a flaw that may allow a malicious user spoof a trusted web page. The issue is triggered by a specially crafted URL containing an IMG tag within an A HREF tag that specifies the destination address using the MAP tag, which will be loaded in a user's browser and a different URL would be displayed in the status bar of a spoofed Web page. It is possible that the flaw may allow a malicious user to spoof a valid website, resulting in a loss of integrity. |
6007 | Microsoft IE/Outlook IMG/HREF Tag Code Execution Microsoft IE and Outlook contain a flaw that may allow a malicious attacker to send users a link that loads arbitrary html code which is not displayed and is stored locally. The issue is triggered when an IMG tag is enclosed in the A HREF tag, as the reference content is stored locally in the user's cache. It is possible that the flaw may allow an attacker to trick users into executing stored content locally by sending a URL whose A HREF tag points them to the locally cached content. |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-07-27 00:24:37 |
|
2021-07-24 01:44:14 |
|
2021-07-24 01:01:42 |
|
2021-07-23 17:24:41 |
|
2021-07-23 01:44:03 |
|
2021-07-23 01:01:41 |
|
2021-07-22 21:24:58 |
|
2021-05-04 12:02:20 |
|
2021-04-22 01:02:29 |
|
2020-05-23 00:15:48 |
|
2017-07-11 12:01:27 |
|
2016-10-18 12:01:20 |
|
2013-05-11 11:41:58 |
|