CVE-2004-1050

Currently unrated

Key Information:

Vendor: Avaya
Status: Ip600 Media Servers; Definity One Media Server; S8100; Ie
Vendor: CVE Published:; 31 December 2004

Summary

Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."

References

http://www.kb.cert.org/vuls/id/842160

third-party-advisoryx_refsource_CERT-VN

http://lists.grok.org.uk/pipermail/full-disclosure/2004-O...

mailing-listx_refsource_FULLDISC

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

87% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 31, 2004
Vulnerability Reserved
Nov 17, 2004