Vulnerabilities > CVE-2004-0839

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".

Oval

  • accepted2014-02-24T04:00:20.002-05:00
    classvulnerability
    contributors
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
    familywindows
    idoval:org.mitre.oval:def:1563
    statusaccepted
    submitted2004-10-25T04:59:00.000-04:00
    titleIE v6.0,SP1 Drag-and-Drop Code Execution Vulnerability
    version68
  • accepted2014-02-24T04:00:32.496-05:00
    classvulnerability
    contributors
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
    familywindows
    idoval:org.mitre.oval:def:2073
    statusaccepted
    submitted2004-10-25T04:42:00.000-04:00
    titleIE v5.01,SP3 Drag-and-Drop Code Execution Vulnerability
    version67
  • accepted2014-02-24T04:03:16.955-05:00
    classvulnerability
    contributors
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
    familywindows
    idoval:org.mitre.oval:def:3773
    statusaccepted
    submitted2005-01-18T12:00:00.000-04:00
    titleIE v5.5,SP2 Drag-and-Drop Code Execution Vulnerability
    version67
  • accepted2014-02-24T04:03:18.005-05:00
    classvulnerability
    contributors
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
    familywindows
    idoval:org.mitre.oval:def:4152
    statusaccepted
    submitted2004-10-25T04:44:00.000-04:00
    titleIE v5.01,SP4 Drag-and-Drop Code Execution Vulnerability
    version67
  • accepted2014-02-24T04:03:24.596-05:00
    classvulnerability
    contributors
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
    familywindows
    idoval:org.mitre.oval:def:6272
    statusaccepted
    submitted2004-10-25T12:00:00.000-04:00
    titleIE v6.0,SP1 (Server 2003) Drag-and-Drop Code Execution Vulnerability
    version68
  • accepted2014-02-24T04:03:26.955-05:00
    classvulnerability
    contributors
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameJohn Hoyland
      organizationCentennial Software
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
    familywindows
    idoval:org.mitre.oval:def:7721
    statusaccepted
    submitted2004-10-25T04:00:00.000-04:00
    titleIE v6.0 Drag-and-Drop Code Execution Vulnerability
    version68

References