Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations | |||
---|---|---|---|
Name | MS04-038 | First vendor Publication | N/A |
Vendor | Microsoft | Last vendor Modification | N/A |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cumulative Security Update for Internet Explorer (834707) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:1563 | |||
Oval ID: | oval:org.mitre.oval:def:1563 | ||
Title: | IE v6.0,SP1 Drag-and-Drop Code Execution Vulnerability | ||
Description: | Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0839 | Version: | 5 |
Platform(s): | Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:2073 | |||
Oval ID: | oval:org.mitre.oval:def:2073 | ||
Title: | IE v5.01,SP3 Drag-and-Drop Code Execution Vulnerability | ||
Description: | Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0839 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:2219 | |||
Oval ID: | oval:org.mitre.oval:def:2219 | ||
Title: | IE v6.0 SSL Cached Content Vulnerability | ||
Description: | Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0845 | Version: | 7 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:2448 | |||
Oval ID: | oval:org.mitre.oval:def:2448 | ||
Title: | Address Bar Spoofing on Double Byte Character Set Systems Vulnerability (Server 2003) | ||
Description: | Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the "Address Bar Spoofing on Double Byte Character Set Systems Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0844 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:2487 | |||
Oval ID: | oval:org.mitre.oval:def:2487 | ||
Title: | IE v6.0 Plug-in Navigation Address Bar Spoofing Vulnerability | ||
Description: | Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0843 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:2537 | |||
Oval ID: | oval:org.mitre.oval:def:2537 | ||
Title: | IE v5.01,SP4 Plug-in Navigation Address Bar Spoofing Vulnerability | ||
Description: | Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0843 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:2611 | |||
Oval ID: | oval:org.mitre.oval:def:2611 | ||
Title: | IE v6.0 HijackClick 3 / Script in Image Tag File Download Vulnerability | ||
Description: | Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0841 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:2906 | |||
Oval ID: | oval:org.mitre.oval:def:2906 | ||
Title: | Windows 2000, IE v5.01 CSS Heap Memory Corruption Vulnerability | ||
Description: | Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the "<STYLE>@;/*" string, possibly due to a missing comment terminator that may cause an invalid length to trigger a large memory copy operation, aka the "CSS Heap Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0842 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:3372 | |||
Oval ID: | oval:org.mitre.oval:def:3372 | ||
Title: | Windows Server 2003, IE v6,SP1 CSS Heap Memory Corruption Vulnerability | ||
Description: | Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the "<STYLE>@;/*" string, possibly due to a missing comment terminator that may cause an invalid length to trigger a large memory copy operation, aka the "CSS Heap Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0842 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:3773 | |||
Oval ID: | oval:org.mitre.oval:def:3773 | ||
Title: | IE v5.5,SP2 Drag-and-Drop Code Execution Vulnerability | ||
Description: | Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0839 | Version: | 4 |
Platform(s): | Microsoft Windows ME | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:3872 | |||
Oval ID: | oval:org.mitre.oval:def:3872 | ||
Title: | IE v6.0,SP1 (Server 2003) SSL Cached Content Vulnerability | ||
Description: | Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0845 | Version: | 7 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:3949 | |||
Oval ID: | oval:org.mitre.oval:def:3949 | ||
Title: | IE v5.01, SP3 Plug-in Navigation Address Bar Spoofing Vulnerability | ||
Description: | Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0843 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:4152 | |||
Oval ID: | oval:org.mitre.oval:def:4152 | ||
Title: | IE v5.01,SP4 Drag-and-Drop Code Execution Vulnerability | ||
Description: | Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0839 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:4169 | |||
Oval ID: | oval:org.mitre.oval:def:4169 | ||
Title: | Windows XP, IE v6.0 CSS Heap Memory Corruption Vulnerability | ||
Description: | Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the "<STYLE>@;/*" string, possibly due to a missing comment terminator that may cause an invalid length to trigger a large memory copy operation, aka the "CSS Heap Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0842 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:4363 | |||
Oval ID: | oval:org.mitre.oval:def:4363 | ||
Title: | IE v5.01, SP3 HijackClick 3 / Script in Image Tag File Download Vulnerability | ||
Description: | Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0841 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:4702 | |||
Oval ID: | oval:org.mitre.oval:def:4702 | ||
Title: | IE v5.01,SP4 Similar Method Name Redirection Cross Domain Vulnerability | ||
Description: | Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0727 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5150 | |||
Oval ID: | oval:org.mitre.oval:def:5150 | ||
Title: | IE v5.01, SP4 SSL Cached Content Vulnerability | ||
Description: | Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0845 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5316 | |||
Oval ID: | oval:org.mitre.oval:def:5316 | ||
Title: | IE v6.0,SP1 (Server 2003) Install Engine Buffer Overflow | ||
Description: | Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0216 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5329 | |||
Oval ID: | oval:org.mitre.oval:def:5329 | ||
Title: | IE v6.0,SP1 Install Engine Buffer Overflow | ||
Description: | Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0216 | Version: | 5 |
Platform(s): | Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5520 | |||
Oval ID: | oval:org.mitre.oval:def:5520 | ||
Title: | IE v5.5, SP2 SSL Cached Content Vulnerability | ||
Description: | Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0845 | Version: | 6 |
Platform(s): | Microsoft Windows ME | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5592 | |||
Oval ID: | oval:org.mitre.oval:def:5592 | ||
Title: | Windows (ME, NT, 2K), IE v5.5,SP2 CSS Heap Memory Corruption Vulnerability | ||
Description: | Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the "<STYLE>@;/*" string, possibly due to a missing comment terminator that may cause an invalid length to trigger a large memory copy operation, aka the "CSS Heap Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0842 | Version: | 4 |
Platform(s): | Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5620 | |||
Oval ID: | oval:org.mitre.oval:def:5620 | ||
Title: | IE v6.0 for 2003, SP3 HijackClick 3 / Script in Image Tag File Download Vulnerability | ||
Description: | Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0841 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5740 | |||
Oval ID: | oval:org.mitre.oval:def:5740 | ||
Title: | IE v6.0,SP1 SSL Cached Content Vulnerability | ||
Description: | Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0845 | Version: | 7 |
Platform(s): | Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6031 | |||
Oval ID: | oval:org.mitre.oval:def:6031 | ||
Title: | IE v5.5, SP2 HijackClick 3 / Script in Image Tag File Download Vulnerability | ||
Description: | Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0841 | Version: | 4 |
Platform(s): | Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6048 | |||
Oval ID: | oval:org.mitre.oval:def:6048 | ||
Title: | IE v5.01, SP4 HijackClick 3 / Script in Image Tag File Download Vulnerability | ||
Description: | Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0841 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6100 | |||
Oval ID: | oval:org.mitre.oval:def:6100 | ||
Title: | IE v5.5,SP2 Install Engine Buffer Overflow | ||
Description: | Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0216 | Version: | 4 |
Platform(s): | Microsoft Windows ME | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6272 | |||
Oval ID: | oval:org.mitre.oval:def:6272 | ||
Title: | IE v6.0,SP1 (Server 2003) Drag-and-Drop Code Execution Vulnerability | ||
Description: | Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0839 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6313 | |||
Oval ID: | oval:org.mitre.oval:def:6313 | ||
Title: | IE v6.0,SP1 for Server 2003 Plug-in Navigation Address Bar Spoofing Vulnerability | ||
Description: | Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0843 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6579 | |||
Oval ID: | oval:org.mitre.oval:def:6579 | ||
Title: | Windows (ME, NT, 2K, XP), IE v6,SP1 CSS Heap Memory Corruption Vulnerability | ||
Description: | Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the "<STYLE>@;/*" string, possibly due to a missing comment terminator that may cause an invalid length to trigger a large memory copy operation, aka the "CSS Heap Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0842 | Version: | 5 |
Platform(s): | Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6600 | |||
Oval ID: | oval:org.mitre.oval:def:6600 | ||
Title: | IE v5.01,SP4 Install Engine Buffer Overflow | ||
Description: | Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0216 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6829 | |||
Oval ID: | oval:org.mitre.oval:def:6829 | ||
Title: | IE v6.0,SP1 Similar Method Name Redirection Cross Domain Vulnerability | ||
Description: | Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0727 | Version: | 5 |
Platform(s): | Microsoft Windows ME Microsoft Windows NT Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7084 | |||
Oval ID: | oval:org.mitre.oval:def:7084 | ||
Title: | IE v5.01,SP3 Similar Method Name Redirection Cross Domain Vulnerability | ||
Description: | Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0727 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7095 | |||
Oval ID: | oval:org.mitre.oval:def:7095 | ||
Title: | IE v5.5,SP2 Plug-in Navigation Address Bar Spoofing Vulnerability | ||
Description: | Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0843 | Version: | 4 |
Platform(s): | Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7194 | |||
Oval ID: | oval:org.mitre.oval:def:7194 | ||
Title: | IE v6.0,SP1 Plug-in Navigation Address Bar Spoofing Vulnerability | ||
Description: | Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0843 | Version: | 5 |
Platform(s): | Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7448 | |||
Oval ID: | oval:org.mitre.oval:def:7448 | ||
Title: | IE v5.5,SP2 Similar Method Name Redirection Cross Domain Vulnerability | ||
Description: | Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0727 | Version: | 6 |
Platform(s): | Microsoft Windows 98 Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7496 | |||
Oval ID: | oval:org.mitre.oval:def:7496 | ||
Title: | IE v6.0,SP2 for Server 2003 Similar Method Name Redirection Cross Domain Vulnerability | ||
Description: | Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0727 | Version: | 4 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7611 | |||
Oval ID: | oval:org.mitre.oval:def:7611 | ||
Title: | IE v5.01,SP3 SSL Cached Content Vulnerability | ||
Description: | Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0845 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7717 | |||
Oval ID: | oval:org.mitre.oval:def:7717 | ||
Title: | IE v6.0 Install Engine Buffer Overflow | ||
Description: | Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0216 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7721 | |||
Oval ID: | oval:org.mitre.oval:def:7721 | ||
Title: | IE v6.0 Drag-and-Drop Code Execution Vulnerability | ||
Description: | Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0839 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7865 | |||
Oval ID: | oval:org.mitre.oval:def:7865 | ||
Title: | IE v5.01,SP3 Install Engine Buffer Overflow | ||
Description: | Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0216 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7906 | |||
Oval ID: | oval:org.mitre.oval:def:7906 | ||
Title: | IE v6.0 Similar Method Name Redirection Cross Domain Vulnerability | ||
Description: | Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0727 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8077 | |||
Oval ID: | oval:org.mitre.oval:def:8077 | ||
Title: | IE v6.0, SP1 HijackClick 3 / Script in Image Tag File Download Vulnerability | ||
Description: | Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0841 | Version: | 5 |
Platform(s): | Microsoft Windows ME | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8127 | |||
Oval ID: | oval:org.mitre.oval:def:8127 | ||
Title: | Address Bar Spoofing on Double Byte Character Set Systems Vulnerability | ||
Description: | Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the "Address Bar Spoofing on Double Byte Character Set Systems Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0844 | Version: | 5 |
Platform(s): | Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2004-10-20 | Microsoft Internet Explorer 5.x Valid File Drag and Drop Embedded Code Vulner... |
OpenVAS Exploits
Date | Description |
---|---|
2005-11-03 | Name : IE 5.01 5.5 6.0 Cumulative patch (890923) File : nvt/smb_nt_ms02-005.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
15221 | Microsoft IE Drag and Drop Zone Security Preference Bypass |
10756 | Microsoft MSN heartbeat.ocx Component Overflow MSN hearbeat.ocx contains a flaw related to a component that may allow an attacker to cause a buffer overflow. No further details have been provided. |
10710 | Microsoft IE CSS Memory Corruption Arbitrary Command Execution A remote overflow exists in Microsoft Internet Explorer. The mshtml.dll library in Internet Explorer fails to check the boundary within the processing of Cascading Style Sheets, resulting in a memory corruption. With a specially crafted webpage or HTML e-mail message, an attacker can execute arbitrary code resulting in a loss of integrity. |
10709 | Microsoft IE SSL Cached Content Spoofing Internet Explorer contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by the improper handling of cached SSL contents, which will disclose information resulting in a loss in confidentiality It will also allow content on SSL-protected websites to be spoofed, resulting in a loss of integrity. |
10708 | Microsoft IE Image Tag Arbitrary Script Execution (HijackClick 3) Internet Explorer contains a flaw in the function which processes scripts in image tags that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a user visits a malicious web page or views an HTML mail using the popup.show method. This flaw allows execution of arbitrary code on the victim's machine leading to a loss of Integrity. |
10707 | Microsoft IE Plug-in Navigation Address Bar Spoofing Internet Explorer contains a flaw that may allow a malicious user to spoof an address in a user's address bar. The issue is triggered when the victim visits a specially crafted web page and the Plug-in Navigation does not properly handle the request. It is possible that the flaw may allow the attacker to spoof a trusted web site resulting in a loss of integrity. |
10706 | Microsoft IE Double Byte Character Set Address Bar Spoofing Internet Explorer flaw that may allow a malicious user to spoof an address in a user's address bar. The issue is triggered when Internet Explorer attempts to parse special characters in double byte character systems. It is possible that the flaw may allow the attacker to spoof a trusted web site resulting in a loss of integrity. |
10705 | Microsoft IE Install Engine Inseng.dll Arbitrary Code Execution A remote overflow exists in Internet Explorer. Internet Explorer fails to properly check boundaries in input sent to inseng.dll resulting in a buffer overflow. With a specially crafted URL, an attacker can cause execution of arbitrary code with the privileges of the target user resulting in a loss of integrity. |
10704 | Microsoft IE Similar Method Name Redirection Cross Domain/Site Scripting Internet Explorer contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the redirection of a function to another function with the same name. This could allow a user to create a specially crafted URL that would execute arbitrary code possibly in other security zones/domains in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
9070 | Microsoft IE dragDrop Arbitrary File Upload (What a Drag II) Microsoft IE contains a flaw that may allow an attacker to upload a malicious file. The issue is triggered when a user attempts a drag and drop action on a malicious html page. It is possible that the flaw may allow the saving of an arbitrary file in the startup folder which will be executed after the next reboot resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | MSN Heartbeat ActiveX clsid access RuleID : 4167 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Shell.Explorer ActiveX Object Access RuleID : 4166 - Revision : 10 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer mouse drag hijack RuleID : 21353 - Revision : 4 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer implicit drag and drop file installation attempt RuleID : 18299 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer CSS memory corruption attempt RuleID : 18175 - Revision : 9 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer CSS memory corruption attempt RuleID : 18174 - Revision : 9 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer Install Engine ActiveX clsid unicode access RuleID : 17589 - Revision : 4 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer Install Engine ActiveX clsid access RuleID : 17588 - Revision : 13 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer Shell.Explorer 2 ActiveX clsid access RuleID : 15122 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | Shell.Explorer 2 ActiveX function call unicode access RuleID : 15113 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer Shell.Explorer 2 ActiveX function call access RuleID : 15112 - Revision : 12 - Type : BROWSER-PLUGINS |
2014-01-10 | Shell.Explorer 2 ActiveX clsid unicode access RuleID : 15111 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | MSN Heartbeat ActiveX clsid unicode access RuleID : 12956 - Revision : 7 - Type : WEB-ACTIVEX |
Alert History
Date | Informations |
---|---|
2014-01-19 21:29:53 |
|