CVE-2004-0841

Currently unrated

Key Information:

Vendor: Avaya
Status: Definity One Media Server; Ie; S8100; Ip600 Media Servers
Vendor: CVE Published:; 23 December 2004

Summary

Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability."

References

http://www.kb.cert.org/vuls/id/413886

third-party-advisoryx_refsource_CERT-VN

http://securitytracker.com/id?1010679

vdb-entryx_refsource_SECTRACK

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

93% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 23, 2004
Vulnerability Reserved
Sep 8, 2004