Vulnerabilities > CVE-2004-1527

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

Microsoft Internet Explorer 6.0 SP1 does not properly handle certain character strings in the Path attribute, which can cause it to modify cookies in other domains when the attacker's domain name is within the target's domain name or when wildcard DNS is being used, which allows remote attackers to hijack web sessions.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft IE 6.0 Microsoft Internet Explorer 6.0	2

References

http://marc.info/?l=bugtraq&m=110053968530613&w=2
http://marc.info/?l=bugtraq&m=110053968530613&w=2
http://secunia.com/advisories/13208
http://secunia.com/advisories/13208
http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/79_e.html
http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/79_e.html
http://www.securityfocus.com/bid/11680
http://www.securityfocus.com/bid/11680
https://exchange.xforce.ibmcloud.com/vulnerabilities/18073
https://exchange.xforce.ibmcloud.com/vulnerabilities/18073

Vulnerabilities > CVE-2004-1527 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2004-1527"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2004-1527