Heap-Based Buffer Overflow in Internet Explorer 6 by Microsoft
CVE-2004-1050

Currently unrated

Key Information:

Vendor

Avaya
Status
Ip600 Media Servers
Definity One Media Server
S8100
Ie
Vendor
CVE Published:
31 December 2004

What is CVE-2004-1050?

The vulnerability in Internet Explorer 6 arises from a heap-based buffer overflow that can be exploited by remote attackers. By crafting malicious IFRAME, FRAME, or EMBED elements with excessively long SRC or NAME attributes, attackers can execute arbitrary code on the affected system. This issue has been detailed through various platforms that highlight the specific methods of exploitation and the potential risks it poses to users.

References

http://www.kb.cert.org/vuls/id/842160
third-party-advisoryx_refsource_CERT-VN
http://lists.grok.org.uk/pipermail/full-disclosure/2004-O...
mailing-listx_refsource_FULLDISC
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

75% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.