Vulnerabilities > CVE-2004-0844 - Unspecified vulnerability in Microsoft IE 6

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

NVD

Published: 2004-11-03

Updated: 2018-10-12

Summary

Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the "Address Bar Spoofing on Double Byte Character Set Systems Vulnerability."

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft IE 6	1

Oval

accepted

2014-02-24T04:03:12.787-05:00

class

vulnerability

contributors

name Harvey Rubinovitz
organization The MITRE Corporation
name Harvey Rubinovitz
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.
name Maria Mikhno
organization ALTX-SOFT

description

Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the "Address Bar Spoofing on Double Byte Character Set Systems Vulnerability."

family

windows

id

oval:org.mitre.oval:def:2448

status

accepted

submitted

2005-01-18T12:00:00.000-04:00

title

Address Bar Spoofing on Double Byte Character Set Systems Vulnerability (Server 2003)

version

68

accepted

2014-02-24T04:03:27.966-05:00

class

vulnerability

contributors

name Harvey Rubinovitz
organization The MITRE Corporation
name Christine Walzer
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.
name Maria Mikhno
organization ALTX-SOFT

description

Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the "Address Bar Spoofing on Double Byte Character Set Systems Vulnerability."

family

windows

id

oval:org.mitre.oval:def:8127

status

accepted

submitted

2004-10-25T05:13:00.000-04:00

title

Address Bar Spoofing on Double Byte Character Set Systems Vulnerability

version

68

References

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.