Vulnerabilities > CVE-2004-2383 - Unspecified vulnerability in Microsoft IE and Internet Explorer
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
exploit available
Summary
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to bypass cross-frame scripting restrictions and capture keyboard events from other domains via an HTML document with Javascript that is outside a frameset that includes the target domain, then forcing the frameset to maintain focus. NOTE: the discloser claimed that the vendor does not categorize this as a vulnerability, but it can be used in a spoofing scenario; the discloser provides alternate scenarios. Spoofing scenarios are currently included in CVE.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |
Exploit-Db
| description | Microsoft Internet Explorer 5/6 Cross-Domain Event Leakage Vulnerability. CVE-2004-2383. Remote exploit for windows platform |
| id | EDB-ID:23766 |
| last seen | 2016-02-02 |
| modified | 2004-02-27 |
| published | 2004-02-27 |
| reporter | iDefense |
| source | https://www.exploit-db.com/download/23766/ |
| title | Microsoft Internet Explorer 5/6 - Cross-Domain Event Leakage Vulnerability |