Vulnerabilities > CVE-2004-0843 - Unspecified vulnerability in Microsoft IE and Internet Explorer
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Oval
accepted 2014-02-24T04:03:12.898-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name John Hoyland organization Centennial Software name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." family windows id oval:org.mitre.oval:def:2487 status accepted submitted 2004-10-25T04:00:00.000-04:00 title IE v6.0 Plug-in Navigation Address Bar Spoofing Vulnerability version 68 accepted 2014-02-24T04:03:13.018-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." family windows id oval:org.mitre.oval:def:2537 status accepted submitted 2004-10-25T05:29:00.000-04:00 title IE v5.01,SP4 Plug-in Navigation Address Bar Spoofing Vulnerability version 67 accepted 2014-02-24T04:03:17.653-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." family windows id oval:org.mitre.oval:def:3949 status accepted submitted 2005-01-18T12:00:00.000-04:00 title IE v5.01, SP3 Plug-in Navigation Address Bar Spoofing Vulnerability version 67 accepted 2014-02-24T04:03:24.919-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Harvey Rubinovitz organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." family windows id oval:org.mitre.oval:def:6313 status accepted submitted 2004-10-25T12:00:00.000-04:00 title IE v6.0,SP1 for Server 2003 Plug-in Navigation Address Bar Spoofing Vulnerability version 68 accepted 2014-02-24T04:03:25.812-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." family windows id oval:org.mitre.oval:def:7095 status accepted submitted 2004-10-25T05:31:00.000-04:00 title IE v5.5,SP2 Plug-in Navigation Address Bar Spoofing Vulnerability version 67 accepted 2014-02-24T04:03:26.063-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." family windows id oval:org.mitre.oval:def:7194 status accepted submitted 2004-10-25T07:44:00.000-04:00 title IE v6.0,SP1 Plug-in Navigation Address Bar Spoofing Vulnerability version 68
References
- http://www.us-cert.gov/cas/techalerts/TA04-293A.html
- http://www.kb.cert.org/vuls/id/625616
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17655
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17651
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7194
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7095
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6313
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3949
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2537
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2487
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038