URL Spoofing Vulnerability in Internet Explorer and Outlook
CVE-2004-0526

Currently unrated

Key Information:

Vendor: Microsoft
Status: Outlook; Outlook Express; Ie; Internet Explorer
Vendor: CVE Published:; 6 August 2004

Summary

This vulnerability allows remote attackers to deceive users by spoofing a legitimate URL in the status bar of Internet Explorer and Outlook. By utilizing A HREF tags with altered 'alt' values that reference a legitimate site and an image map linking to a malicious address, attackers can effectively launch phishing attacks, tricking users into believing they are interacting with a trusted source. It's crucial for users to be aware of this exploit and exercise caution when clicking on links in these applications.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16102

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=108422905510713&w=2

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/10308

vdb-entryx_refsource_BID

EPSS Score

51% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 6, 2004
Vulnerability Reserved
Jun 3, 2004