Vulnerabilities > CVE-2004-2219 - Unspecified vulnerability in Microsoft IE and Internet Explorer

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft IE 6.0 Microsoft Internet Explorer 5.01 Microsoft Internet Explorer 5.5 Microsoft Internet Explorer 6.0	4

References

http://archives.neohapsis.com/archives/bugtraq/2004-08/0215.html
http://archives.neohapsis.com/archives/bugtraq/2004-08/0215.html
http://secunia.com/advisories/12304
http://secunia.com/advisories/12304
http://securitytracker.com/id?1010957
http://securitytracker.com/id?1010957
http://umbrella.name/originalvuln/msie/NullyFake/nullyfake-content.txt
http://umbrella.name/originalvuln/msie/NullyFake/nullyfake-content.txt
http://www.osvdb.org/8978
http://www.osvdb.org/8978
https://exchange.xforce.ibmcloud.com/vulnerabilities/17007
https://exchange.xforce.ibmcloud.com/vulnerabilities/17007