Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2004-2219 | First vendor Publication | 2004-12-31 |
Vendor | Cve | Last vendor Modification | 2021-07-23 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 2.6 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2219 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 3 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
8978 | Microsoft IE Address Bar Spoofing (NullyFake) Internet Explorer contains a flaw that may allow a malicious user to spoof a URL in the address bar. The issue is triggered when Javascript is used to open an unregistered protocol URL and reload it repeatedly before loading an arbitrary page containing a history.back() scripting statement. This may allow for content to be read across windows while the location bar shows no indication of the change. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-11-19 | Microsoft Internet Explorer address bar spoofing without scripting RuleID : 32231 - Revision : 2 - Type : BROWSER-IE |
2014-11-19 | Microsoft Internet Explorer address bar spoofing without scripting RuleID : 32230 - Revision : 2 - Type : BROWSER-IE |
2014-05-08 | Microsoft Internet Explorer address bar spoofing with scripting RuleID : 30491 - Revision : 3 - Type : BROWSER-IE |
2014-05-08 | Microsoft Internet Explorer address bar spoofing with scripting RuleID : 30490 - Revision : 3 - Type : BROWSER-IE |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-07-27 00:24:37 |
|
2021-07-24 01:44:14 |
|
2021-07-24 01:01:48 |
|
2021-07-23 17:24:41 |
|
2021-05-04 12:02:36 |
|
2021-04-22 01:02:48 |
|
2020-05-23 00:16:08 |
|
2017-07-11 12:01:42 |
|
2016-06-28 15:10:00 |
|
2016-04-26 13:07:23 |
|
2014-11-19 21:23:16 |
|
2014-05-08 21:26:07 |
|
2013-05-11 11:47:52 |
|