Heap-Based Buffer Overflow in Internet Explorer 6 by Microsoft
CVE-2004-1050

Currently unrated

Key Information:

Vendor: Avaya
Status: Ip600 Media Servers; Definity One Media Server; S8100; Ie
Vendor: CVE Published:; 31 December 2004

Summary

The vulnerability in Internet Explorer 6 arises from a heap-based buffer overflow that can be exploited by remote attackers. By crafting malicious IFRAME, FRAME, or EMBED elements with excessively long SRC or NAME attributes, attackers can execute arbitrary code on the affected system. This issue has been detailed through various platforms that highlight the specific methods of exploitation and the potential risks it poses to users.

References

http://www.kb.cert.org/vuls/id/842160

third-party-advisoryx_refsource_CERT-VN

http://lists.grok.org.uk/pipermail/full-disclosure/2004-O...

mailing-listx_refsource_FULLDISC

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

75% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 31, 2004
Vulnerability Reserved
Nov 17, 2004