Remote Code Execution Vulnerability in Internet Explorer 6 from Microsoft
CVE-2004-0841

Currently unrated

Key Information:

Vendor
Avaya
Status
Definity One Media Server
Ie
S8100
Ip600 Media Servers
Vendor
CVE Published:
23 December 2004

Summary

Internet Explorer 6.x is susceptible to a remote code execution vulnerability that allows attackers to exploit mousedown events via the Popup.show method. This flaw can be leveraged to execute arbitrary programs through drag-and-drop actions within popup windows, potentially compromising the user's system. Known as 'HijackClick 3', this vulnerability highlights critical security concerns related to unpatched software and the importance of timely updates.

References

http://www.kb.cert.org/vuls/id/413886
third-party-advisoryx_refsource_CERT-VN
http://securitytracker.com/id?1010679
vdb-entryx_refsource_SECTRACK
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

39% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2004-0841 : Remote Code Execution Vulnerability in Internet Explorer 6 from Microsoft | SecurityVulnerability.io