Vulnerabilities > CVE-2004-2291 - Unspecified vulnerability in Microsoft IE and Internet Explorer

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

exploit available

NVD

Published: 2004-12-31

Updated: 2021-07-23

Summary

Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 5.5 Microsoft Internet Explorer 6.0 Microsoft IE 6.0	6

Exploit-Db

description	MS Internet Explorer Remote Application.Shell Exploit. CVE-2004-2291. Remote exploit for windows platform
id	EDB-ID:310
last seen	2016-01-31
modified	2004-07-09
published	2004-07-09
reporter	Jelmer
source	https://www.exploit-db.com/download/310/
title	Microsoft Internet Explorer Remote Application.Shell Exploit

Summary

Vulnerable Configurations

Exploit-Db

References